Date
July 20, 2025, 11:12 a.m.
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.101857] ==================================================================
[ 14.102494] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 14.102772] Read of size 1 at addr ffff888103b3fd02 by task kunit_try_catch/266
[ 14.103067]
[ 14.103177] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.103220] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.103232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.103254] Call Trace:
[ 14.103267] <TASK>
[ 14.103282] dump_stack_lvl+0x73/0xb0
[ 14.103307] print_report+0xd1/0x610
[ 14.103329] ? __virt_addr_valid+0x1db/0x2d0
[ 14.103349] ? kasan_stack_oob+0x2b5/0x300
[ 14.103368] ? kasan_addr_to_slab+0x11/0xa0
[ 14.103387] ? kasan_stack_oob+0x2b5/0x300
[ 14.103406] kasan_report+0x141/0x180
[ 14.103426] ? kasan_stack_oob+0x2b5/0x300
[ 14.103449] __asan_report_load1_noabort+0x18/0x20
[ 14.103473] kasan_stack_oob+0x2b5/0x300
[ 14.103492] ? __pfx_kasan_stack_oob+0x10/0x10
[ 14.103509] ? finish_task_switch.isra.0+0x153/0x700
[ 14.103530] ? __switch_to+0x47/0xf50
[ 14.103556] ? __schedule+0x10cc/0x2b60
[ 14.103577] ? __pfx_read_tsc+0x10/0x10
[ 14.103596] ? ktime_get_ts64+0x86/0x230
[ 14.103620] kunit_try_run_case+0x1a5/0x480
[ 14.103642] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.103663] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.103685] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.103710] ? __kthread_parkme+0x82/0x180
[ 14.103729] ? preempt_count_sub+0x50/0x80
[ 14.103752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.103776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.103798] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.103823] kthread+0x337/0x6f0
[ 14.103843] ? trace_preempt_on+0x20/0xc0
[ 14.103867] ? __pfx_kthread+0x10/0x10
[ 14.103888] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.103958] ? calculate_sigpending+0x7b/0xa0
[ 14.103983] ? __pfx_kthread+0x10/0x10
[ 14.104020] ret_from_fork+0x116/0x1d0
[ 14.104038] ? __pfx_kthread+0x10/0x10
[ 14.104059] ret_from_fork_asm+0x1a/0x30
[ 14.104088] </TASK>
[ 14.104098]
[ 14.111810] The buggy address belongs to stack of task kunit_try_catch/266
[ 14.112187] and is located at offset 138 in frame:
[ 14.112489] kasan_stack_oob+0x0/0x300
[ 14.112806]
[ 14.112903] This frame has 4 objects:
[ 14.113160] [48, 49) '__assertion'
[ 14.113181] [64, 72) 'array'
[ 14.113577] [96, 112) '__assertion'
[ 14.113763] [128, 138) 'stack_array'
[ 14.114000]
[ 14.114266] The buggy address belongs to the physical page:
[ 14.114598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b3f
[ 14.114931] flags: 0x200000000000000(node=0|zone=2)
[ 14.115162] raw: 0200000000000000 ffffea00040ecfc8 ffffea00040ecfc8 0000000000000000
[ 14.115544] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 14.115900] page dumped because: kasan: bad access detected
[ 14.116122]
[ 14.116217] Memory state around the buggy address:
[ 14.116480]  ffff888103b3fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.116800]  ffff888103b3fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 14.117089] >ffff888103b3fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 14.117439]                    ^
[ 14.117590]  ffff888103b3fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 14.117831]  ffff888103b3fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.118126] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.605018] ==================================================================
[ 11.605544] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 11.605885] Read of size 1 at addr ffff888101d1f4bf by task kunit_try_catch/155
[ 11.606190]
[ 11.606300] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.606343] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.606354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.606375] Call Trace:
[ 11.606386] <TASK>
[ 11.606402] dump_stack_lvl+0x73/0xb0
[ 11.606454] print_report+0xd1/0x610
[ 11.606476] ? __virt_addr_valid+0x1db/0x2d0
[ 11.606498] ? kmalloc_oob_left+0x361/0x3c0
[ 11.606517] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.606537] ? kmalloc_oob_left+0x361/0x3c0
[ 11.606557] kasan_report+0x141/0x180
[ 11.606578] ? kmalloc_oob_left+0x361/0x3c0
[ 11.606622] __asan_report_load1_noabort+0x18/0x20
[ 11.606644] kmalloc_oob_left+0x361/0x3c0
[ 11.606686] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 11.606707] ? __schedule+0x10cc/0x2b60
[ 11.606729] ? __pfx_read_tsc+0x10/0x10
[ 11.606749] ? ktime_get_ts64+0x86/0x230
[ 11.606772] kunit_try_run_case+0x1a5/0x480
[ 11.606796] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.606816] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.606838] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.606860] ? __kthread_parkme+0x82/0x180
[ 11.606879] ? preempt_count_sub+0x50/0x80
[ 11.606901] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.606931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.606953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.606974] kthread+0x337/0x6f0
[ 11.606993] ? trace_preempt_on+0x20/0xc0
[ 11.607014] ? __pfx_kthread+0x10/0x10
[ 11.607033] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.607053] ? calculate_sigpending+0x7b/0xa0
[ 11.607103] ? __pfx_kthread+0x10/0x10
[ 11.607123] ret_from_fork+0x116/0x1d0
[ 11.607140] ? __pfx_kthread+0x10/0x10
[ 11.607159] ret_from_fork_asm+0x1a/0x30
[ 11.607189] </TASK>
[ 11.607198]
[ 11.613766] Allocated by task 1:
[ 11.613929] kasan_save_stack+0x45/0x70
[ 11.614129] kasan_save_track+0x18/0x40
[ 11.614328] kasan_save_alloc_info+0x3b/0x50
[ 11.614540] __kasan_kmalloc+0xb7/0xc0
[ 11.614727] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.614996] kvasprintf+0xc5/0x150
[ 11.615184] __kthread_create_on_node+0x18b/0x3a0
[ 11.615374] kthread_create_on_node+0xab/0xe0
[ 11.615551] cryptomgr_notify+0x704/0x9f0
[ 11.615699] notifier_call_chain+0xcb/0x250
[ 11.615873] blocking_notifier_call_chain+0x64/0x90
[ 11.616123] crypto_alg_mod_lookup+0x21f/0x440
[ 11.616328] crypto_alloc_tfm_node+0xc5/0x1f0
[ 11.616515] crypto_alloc_sig+0x23/0x30
[ 11.616721] public_key_verify_signature+0x208/0x9f0
[ 11.616951] x509_check_for_self_signed+0x2cb/0x480
[ 11.617183] x509_cert_parse+0x59c/0x830
[ 11.617388] x509_key_preparse+0x68/0x8a0
[ 11.617577] asymmetric_key_preparse+0xb1/0x160
[ 11.617804] __key_create_or_update+0x43d/0xcc0
[ 11.618049] key_create_or_update+0x17/0x20
[ 11.618229] x509_load_certificate_list+0x174/0x200
[ 11.618449] regulatory_init_db+0xee/0x3a0
[ 11.618634] do_one_initcall+0xd8/0x370
[ 11.618849] kernel_init_freeable+0x420/0x6f0
[ 11.619006] kernel_init+0x23/0x1e0
[ 11.619136] ret_from_fork+0x116/0x1d0
[ 11.619266] ret_from_fork_asm+0x1a/0x30
[ 11.619402]
[ 11.619494] Freed by task 0:
[ 11.619645] kasan_save_stack+0x45/0x70
[ 11.619861] kasan_save_track+0x18/0x40
[ 11.620068] kasan_save_free_info+0x3f/0x60
[ 11.620278] __kasan_slab_free+0x56/0x70
[ 11.620473] kfree+0x222/0x3f0
[ 11.620660] free_kthread_struct+0xeb/0x150
[ 11.620884] free_task+0xf3/0x130
[ 11.621078] __put_task_struct+0x1c8/0x480
[ 11.621280] delayed_put_task_struct+0x10a/0x150
[ 11.621501] rcu_core+0x66f/0x1c40
[ 11.621719] rcu_core_si+0x12/0x20
[ 11.621893] handle_softirqs+0x209/0x730
[ 11.622077] __irq_exit_rcu+0xc9/0x110
[ 11.622278] irq_exit_rcu+0x12/0x20
[ 11.622423] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.622588] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.622842]
[ 11.622955] The buggy address belongs to the object at ffff888101d1f4a0
[ 11.622955] which belongs to the cache kmalloc-16 of size 16
[ 11.623485] The buggy address is located 15 bytes to the right of
[ 11.623485] allocated 16-byte region [ffff888101d1f4a0, ffff888101d1f4b0)
[ 11.624000]
[ 11.624096] The buggy address belongs to the physical page:
[ 11.624349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d1f
[ 11.624620] flags: 0x200000000000000(node=0|zone=2)
[ 11.624809] page_type: f5(slab)
[ 11.624937] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.625278] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.625616] page dumped because: kasan: bad access detected
[ 11.625886]
[ 11.626009] Memory state around the buggy address:
[ 11.626213]  ffff888101d1f380: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 11.626428]  ffff888101d1f400: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 11.626641] >ffff888101d1f480: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc
[ 11.626961]                                         ^
[ 11.627199]  ffff888101d1f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.627504]  ffff888101d1f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.627832] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.064285] ==================================================================
[ 49.064762] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 49.064762]
[ 49.065120] Use-after-free read at 0x(____ptrval____) (in kfence-#132):
[ 49.065396] test_krealloc+0x6fc/0xbe0
[ 49.065595] kunit_try_run_case+0x1a5/0x480
[ 49.066177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.066428] kthread+0x337/0x6f0
[ 49.066587] ret_from_fork+0x116/0x1d0
[ 49.066738] ret_from_fork_asm+0x1a/0x30
[ 49.066957]
[ 49.067064] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.067064]
[ 49.067424] allocated by task 355 on cpu 1 at 49.063665s (0.003756s ago):
[ 49.068260] test_alloc+0x364/0x10f0
[ 49.068403] test_krealloc+0xad/0xbe0
[ 49.068798] kunit_try_run_case+0x1a5/0x480
[ 49.069001] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.069357] kthread+0x337/0x6f0
[ 49.069640] ret_from_fork+0x116/0x1d0
[ 49.069833] ret_from_fork_asm+0x1a/0x30
[ 49.070145]
[ 49.070233] freed by task 355 on cpu 1 at 49.063922s (0.006309s ago):
[ 49.070520] krealloc_noprof+0x108/0x340
[ 49.070899] test_krealloc+0x226/0xbe0
[ 49.071088] kunit_try_run_case+0x1a5/0x480
[ 49.071419] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.071753] kthread+0x337/0x6f0
[ 49.071922] ret_from_fork+0x116/0x1d0
[ 49.072096] ret_from_fork_asm+0x1a/0x30
[ 49.072273]
[ 49.072391] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 49.073134] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.073304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.073866] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.966029] ==================================================================
[ 48.966990] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.966990]
[ 48.968087] Use-after-free read at 0x(____ptrval____) (in kfence-#131):
[ 48.968304] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 48.968478] kunit_try_run_case+0x1a5/0x480
[ 48.969307] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.969903] kthread+0x337/0x6f0
[ 48.970357] ret_from_fork+0x116/0x1d0
[ 48.970513] ret_from_fork_asm+0x1a/0x30
[ 48.971090]
[ 48.971387] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.971387]
[ 48.972096] allocated by task 353 on cpu 1 at 48.961738s (0.010356s ago):
[ 48.972338] test_alloc+0x2a6/0x10f0
[ 48.972472] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 48.973090] kunit_try_run_case+0x1a5/0x480
[ 48.973668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.974314] kthread+0x337/0x6f0
[ 48.974808] ret_from_fork+0x116/0x1d0
[ 48.975281] ret_from_fork_asm+0x1a/0x30
[ 48.975795]
[ 48.976076] freed by task 353 on cpu 1 at 48.961847s (0.014225s ago):
[ 48.976352] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 48.976525] kunit_try_run_case+0x1a5/0x480
[ 48.977189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.977822] kthread+0x337/0x6f0
[ 48.978333] ret_from_fork+0x116/0x1d0
[ 48.978714] ret_from_fork_asm+0x1a/0x30
[ 48.979089]
[ 48.979197] CPU: 1 UID: 0 PID: 353 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 48.979527] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.980171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.981215] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.908643] ==================================================================
[ 23.909833] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.909833]
[ 23.910629] Invalid read at 0x(____ptrval____):
[ 23.911189] test_invalid_access+0xf0/0x210
[ 23.911516] kunit_try_run_case+0x1a5/0x480
[ 23.911829] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.912078] kthread+0x337/0x6f0
[ 23.912243] ret_from_fork+0x116/0x1d0
[ 23.912647] ret_from_fork_asm+0x1a/0x30
[ 23.913067]
[ 23.913198] CPU: 0 UID: 0 PID: 349 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.913654] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.913930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.914381] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.687913] ==================================================================
[ 23.688301] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.688301]
[ 23.688637] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#127):
[ 23.689253] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.689431] kunit_try_run_case+0x1a5/0x480
[ 23.689647] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.689919] kthread+0x337/0x6f0
[ 23.690087] ret_from_fork+0x116/0x1d0
[ 23.690262] ret_from_fork_asm+0x1a/0x30
[ 23.690466]
[ 23.690556] kfence-#127: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.690556]
[ 23.690855] allocated by task 343 on cpu 0 at 23.687656s (0.003198s ago):
[ 23.691186] test_alloc+0x364/0x10f0
[ 23.691459] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.691770] kunit_try_run_case+0x1a5/0x480
[ 23.691981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.692159] kthread+0x337/0x6f0
[ 23.692306] ret_from_fork+0x116/0x1d0
[ 23.692493] ret_from_fork_asm+0x1a/0x30
[ 23.692717]
[ 23.692791] freed by task 343 on cpu 0 at 23.687778s (0.005010s ago):
[ 23.693060] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.693280] kunit_try_run_case+0x1a5/0x480
[ 23.693493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.693775] kthread+0x337/0x6f0
[ 23.694013] ret_from_fork+0x116/0x1d0
[ 23.694194] ret_from_fork_asm+0x1a/0x30
[ 23.694378]
[ 23.694478] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.694934] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.695126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.695475] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.517744] ==================================================================
[ 11.518768] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 11.519847] Write of size 1 at addr ffff888102ad4073 by task kunit_try_catch/153
[ 11.520269]
[ 11.521243] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.521576] Tainted: [N]=TEST
[ 11.521605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.522038] Call Trace:
[ 11.522112] <TASK>
[ 11.522257] dump_stack_lvl+0x73/0xb0
[ 11.522415] print_report+0xd1/0x610
[ 11.522455] ? __virt_addr_valid+0x1db/0x2d0
[ 11.522479] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.522499] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.522520] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.522540] kasan_report+0x141/0x180
[ 11.522561] ? kmalloc_oob_right+0x6f0/0x7f0
[ 11.522586] __asan_report_store1_noabort+0x1b/0x30
[ 11.522608] kmalloc_oob_right+0x6f0/0x7f0
[ 11.522629] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.522650] ? __schedule+0x10cc/0x2b60
[ 11.522673] ? __pfx_read_tsc+0x10/0x10
[ 11.522694] ? ktime_get_ts64+0x86/0x230
[ 11.522719] kunit_try_run_case+0x1a5/0x480
[ 11.522744] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.522765] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.522788] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.522810] ? __kthread_parkme+0x82/0x180
[ 11.522830] ? preempt_count_sub+0x50/0x80
[ 11.522853] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.522876] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.522897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.522931] kthread+0x337/0x6f0
[ 11.522950] ? trace_preempt_on+0x20/0xc0
[ 11.522973] ? __pfx_kthread+0x10/0x10
[ 11.522992] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.523012] ? calculate_sigpending+0x7b/0xa0
[ 11.523035] ? __pfx_kthread+0x10/0x10
[ 11.523059] ret_from_fork+0x116/0x1d0
[ 11.523077] ? __pfx_kthread+0x10/0x10
[ 11.523096] ret_from_fork_asm+0x1a/0x30
[ 11.523151] </TASK>
[ 11.523216]
[ 11.534165] Allocated by task 153:
[ 11.534956] kasan_save_stack+0x45/0x70
[ 11.535197] kasan_save_track+0x18/0x40
[ 11.535656] kasan_save_alloc_info+0x3b/0x50
[ 11.535959] __kasan_kmalloc+0xb7/0xc0
[ 11.536422] __kmalloc_cache_noprof+0x189/0x420
[ 11.536648] kmalloc_oob_right+0xa9/0x7f0
[ 11.537015] kunit_try_run_case+0x1a5/0x480
[ 11.537352] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.538138] kthread+0x337/0x6f0
[ 11.538313] ret_from_fork+0x116/0x1d0
[ 11.538679] ret_from_fork_asm+0x1a/0x30
[ 11.538936]
[ 11.539092] The buggy address belongs to the object at ffff888102ad4000
[ 11.539092] which belongs to the cache kmalloc-128 of size 128
[ 11.540201] The buggy address is located 0 bytes to the right of
[ 11.540201] allocated 115-byte region [ffff888102ad4000, ffff888102ad4073)
[ 11.541441]
[ 11.541804] The buggy address belongs to the physical page:
[ 11.542529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 11.543395] flags: 0x200000000000000(node=0|zone=2)
[ 11.544195] page_type: f5(slab)
[ 11.544902] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.545252] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.546167] page dumped because: kasan: bad access detected
[ 11.546689]
[ 11.546965] Memory state around the buggy address:
[ 11.547606]  ffff888102ad3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.548323]  ffff888102ad3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.548895] >ffff888102ad4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.549309]                                                              ^
[ 11.550308]  ffff888102ad4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.551073]  ffff888102ad4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.551848] ==================================================================
[ 11.552896]
==================================================================
[ 11.553242] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 11.553594] Write of size 1 at addr ffff888102ad4078 by task kunit_try_catch/153
[ 11.553903]
[ 11.554100] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.554142] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.554154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.554173] Call Trace:
[ 11.554187] <TASK>
[ 11.554202] dump_stack_lvl+0x73/0xb0
[ 11.554228] print_report+0xd1/0x610
[ 11.554247] ? __virt_addr_valid+0x1db/0x2d0
[ 11.554268] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.554287] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.554308] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.554328] kasan_report+0x141/0x180
[ 11.554348] ? kmalloc_oob_right+0x6bd/0x7f0
[ 11.554374] __asan_report_store1_noabort+0x1b/0x30
[ 11.554396] kmalloc_oob_right+0x6bd/0x7f0
[ 11.554417] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.554490] ? __schedule+0x10cc/0x2b60
[ 11.554511] ? __pfx_read_tsc+0x10/0x10
[ 11.554530] ? ktime_get_ts64+0x86/0x230
[ 11.554573] kunit_try_run_case+0x1a5/0x480
[ 11.554596] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.554617] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.554638] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.554659] ? __kthread_parkme+0x82/0x180
[ 11.554678] ? preempt_count_sub+0x50/0x80
[ 11.554701] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.554723] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.554744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.554766] kthread+0x337/0x6f0
[ 11.554784] ? trace_preempt_on+0x20/0xc0
[ 11.554805] ? __pfx_kthread+0x10/0x10
[ 11.554825] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.554891] ? calculate_sigpending+0x7b/0xa0
[ 11.554930] ? __pfx_kthread+0x10/0x10
[ 11.554950] ret_from_fork+0x116/0x1d0
[ 11.554968] ? __pfx_kthread+0x10/0x10
[ 11.554987] ret_from_fork_asm+0x1a/0x30
[ 11.555065] </TASK>
[ 11.555076]
[ 11.565349] Allocated by task 153:
[ 11.565677] kasan_save_stack+0x45/0x70
[ 11.565883] kasan_save_track+0x18/0x40
[ 11.566286] kasan_save_alloc_info+0x3b/0x50
[ 11.566737] __kasan_kmalloc+0xb7/0xc0
[ 11.567185] __kmalloc_cache_noprof+0x189/0x420
[ 11.567381] kmalloc_oob_right+0xa9/0x7f0
[ 11.567848] kunit_try_run_case+0x1a5/0x480
[ 11.568335] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.568589] kthread+0x337/0x6f0
[ 11.568996] ret_from_fork+0x116/0x1d0
[ 11.569195] ret_from_fork_asm+0x1a/0x30
[ 11.569632]
[ 11.569779] The buggy address belongs to the object at ffff888102ad4000
[ 11.569779] which belongs to the cache kmalloc-128 of size 128
[ 11.570649] The buggy address is located 5 bytes to the right of
[ 11.570649] allocated 115-byte region [ffff888102ad4000, ffff888102ad4073)
[ 11.571556]
[ 11.571666] The buggy address belongs to the physical page:
[ 11.572326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 11.572818] flags: 0x200000000000000(node=0|zone=2)
[ 11.573018] page_type: f5(slab)
[ 11.573564] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.574201] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.574842] page dumped because: kasan: bad access detected
[ 11.575102]
[ 11.575198] Memory state around the buggy address:
[ 11.575776]  ffff888102ad3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.576066]  ffff888102ad3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.576588] >ffff888102ad4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.577082]                                                                 ^
[ 11.577545]  ffff888102ad4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.578103]  ffff888102ad4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.578639] ==================================================================
[ 11.580523]
==================================================================
[ 11.580947] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 11.581257] Read of size 1 at addr ffff888102ad4080 by task kunit_try_catch/153
[ 11.581779]
[ 11.581950] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.581994] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.582005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.582025] Call Trace:
[ 11.582038] <TASK>
[ 11.582052] dump_stack_lvl+0x73/0xb0
[ 11.582079] print_report+0xd1/0x610
[ 11.582099] ? __virt_addr_valid+0x1db/0x2d0
[ 11.582119] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.582138] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.582159] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.582179] kasan_report+0x141/0x180
[ 11.582199] ? kmalloc_oob_right+0x68a/0x7f0
[ 11.582224] __asan_report_load1_noabort+0x18/0x20
[ 11.582284] kmalloc_oob_right+0x68a/0x7f0
[ 11.582324] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.582346] ? __schedule+0x10cc/0x2b60
[ 11.582559] ? __pfx_read_tsc+0x10/0x10
[ 11.582580] ? ktime_get_ts64+0x86/0x230
[ 11.582604] kunit_try_run_case+0x1a5/0x480
[ 11.582627] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.582648] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.582669] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.582705] ? __kthread_parkme+0x82/0x180
[ 11.582723] ? preempt_count_sub+0x50/0x80
[ 11.582746] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.582768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.582789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.582811] kthread+0x337/0x6f0
[ 11.582829] ? trace_preempt_on+0x20/0xc0
[ 11.582850] ? __pfx_kthread+0x10/0x10
[ 11.582869] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.582889] ? calculate_sigpending+0x7b/0xa0
[ 11.582922] ? __pfx_kthread+0x10/0x10
[ 11.582943] ret_from_fork+0x116/0x1d0
[ 11.582960] ? __pfx_kthread+0x10/0x10
[ 11.582980] ret_from_fork_asm+0x1a/0x30
[ 11.583008] </TASK>
[ 11.583018]
[ 11.591712] Allocated by task 153:
[ 11.591883] kasan_save_stack+0x45/0x70
[ 11.592151] kasan_save_track+0x18/0x40
[ 11.592303] kasan_save_alloc_info+0x3b/0x50
[ 11.592475] __kasan_kmalloc+0xb7/0xc0
[ 11.592650] __kmalloc_cache_noprof+0x189/0x420
[ 11.592881] kmalloc_oob_right+0xa9/0x7f0
[ 11.593088] kunit_try_run_case+0x1a5/0x480
[ 11.593297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.593511] kthread+0x337/0x6f0
[ 11.593630] ret_from_fork+0x116/0x1d0
[ 11.593791] ret_from_fork_asm+0x1a/0x30
[ 11.594135]
[ 11.594232] The buggy address belongs to the object at ffff888102ad4000
[ 11.594232] which belongs to the cache kmalloc-128 of size 128
[ 11.595095] The buggy address is located 13 bytes to the right of
[ 11.595095] allocated 115-byte region [ffff888102ad4000, ffff888102ad4073)
[ 11.595774]
[ 11.595902] The buggy address belongs to the physical page:
[ 11.596133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 11.596447] flags: 0x200000000000000(node=0|zone=2)
[ 11.596744] page_type: f5(slab)
[ 11.596949] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.597429] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.597826] page dumped because: kasan: bad access detected
[ 11.598107]
[ 11.598177] Memory state around the buggy address:
[ 11.598600]  ffff888102ad3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.598998]  ffff888102ad4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.599418] >ffff888102ad4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.599686]                    ^
[ 11.599890]  ffff888102ad4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.600229]  ffff888102ad4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.600621] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 141.733929] WARNING: CPU: 0 PID: 2764 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 141.734234] Modules linked in:
[ 141.734947] CPU: 0 UID: 0 PID: 2764 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.736461] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.736990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.737936] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 141.738632] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.739765] RSP: 0000:ffff88810ac97c78 EFLAGS: 00010286
[ 141.740271] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 141.740835] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff95033d3c
[ 141.741659] RBP: ffff88810ac97ca0 R08: 0000000000000000 R09: ffffed10205a6860
[ 141.742235] R10: ffff888102d34307 R11: 0000000000000000 R12: ffffffff95033d28
[ 141.742461] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810ac97d38
[ 141.742760] FS: 0000000000000000(0000) GS:ffff8881c4072000(0000) knlGS:0000000000000000
[ 141.743189] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.743901] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 141.744743] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052442
[ 141.745300] DR3: ffffffff97052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.745670] Call Trace:
[ 141.745964] <TASK>
[ 141.746182] drm_test_rect_calc_vscale+0x108/0x270
[ 141.746648] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 141.746853] ? __schedule+0x10cc/0x2b60
[ 141.747241] ? __pfx_read_tsc+0x10/0x10
[ 141.747686] ? ktime_get_ts64+0x86/0x230
[ 141.748016] kunit_try_run_case+0x1a5/0x480
[ 141.748205] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.748747] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.749190] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.749434] ? __kthread_parkme+0x82/0x180
[ 141.749611] ? preempt_count_sub+0x50/0x80
[ 141.750077] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.750575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.751160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.751641] kthread+0x337/0x6f0
[ 141.751773] ? trace_preempt_on+0x20/0xc0
[ 141.751919] ? __pfx_kthread+0x10/0x10
[ 141.752057] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.752208] ? calculate_sigpending+0x7b/0xa0
[ 141.752437] ? __pfx_kthread+0x10/0x10
[ 141.752829] ret_from_fork+0x116/0x1d0
[ 141.753224] ? __pfx_kthread+0x10/0x10
[ 141.753751] ret_from_fork_asm+0x1a/0x30
[ 141.754169] </TASK>
[ 141.754419] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 141.757226] WARNING: CPU: 1 PID: 2766 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 141.758142] Modules linked in:
[ 141.758550] CPU: 1 UID: 0 PID: 2766 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.759035] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.759282] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.759996] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 141.760332] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.762081] RSP: 0000:ffff88810aa97c78 EFLAGS: 00010286
[ 141.762539] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 141.762888] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff95033d74
[ 141.763543] RBP: ffff88810aa97ca0 R08: 0000000000000000 R09: ffffed10205a68a0
[ 141.763963] R10: ffff888102d34507 R11: 0000000000000000 R12: ffffffff95033d60
[ 141.764303] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810aa97d38
[ 141.764752] FS: 0000000000000000(0000) GS:ffff8881c4172000(0000) knlGS:0000000000000000
[ 141.765275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.765780] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 141.766099] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052443
[ 141.766603] DR3: ffffffff97052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.767064] Call Trace:
[ 141.767318] <TASK>
[ 141.767730] drm_test_rect_calc_vscale+0x108/0x270
[ 141.768176] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 141.768526] ? __schedule+0x10cc/0x2b60
[ 141.768908] ? __pfx_read_tsc+0x10/0x10
[ 141.769238] ? ktime_get_ts64+0x86/0x230
[ 141.769662] kunit_try_run_case+0x1a5/0x480
[ 141.770025] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.770248] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.770686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.770952] ? __kthread_parkme+0x82/0x180
[ 141.771160] ? preempt_count_sub+0x50/0x80
[ 141.771339] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.771828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.772136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.772514] kthread+0x337/0x6f0
[ 141.772740] ? trace_preempt_on+0x20/0xc0
[ 141.772992] ? __pfx_kthread+0x10/0x10
[ 141.773194] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.773532] ? calculate_sigpending+0x7b/0xa0
[ 141.773879] ? __pfx_kthread+0x10/0x10
[ 141.774034] ret_from_fork+0x116/0x1d0
[ 141.774272] ? __pfx_kthread+0x10/0x10
[ 141.774847] ret_from_fork_asm+0x1a/0x30
[ 141.775031] </TASK>
[ 141.775191] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 141.699999] WARNING: CPU: 0 PID: 2754 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 141.700659] Modules linked in:
[ 141.700859] CPU: 0 UID: 0 PID: 2754 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.701684] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.701951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.702337] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 141.702711] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e4 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.703397] RSP: 0000:ffff88810ac97c78 EFLAGS: 00010286
[ 141.703840] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 141.704110] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff95033d78
[ 141.704511] RBP: ffff88810ac97ca0 R08: 0000000000000000 R09: ffffed102185cbc0
[ 141.704848] R10: ffff88810c2e5e07 R11: 0000000000000000 R12: ffffffff95033d60
[ 141.705141] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810ac97d38
[ 141.705606] FS: 0000000000000000(0000) GS:ffff8881c4072000(0000) knlGS:0000000000000000
[ 141.705906] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.706266] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 141.706684] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052442
[ 141.706960] DR3: ffffffff97052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.707261] Call Trace:
[ 141.707480] <TASK>
[ 141.707595] drm_test_rect_calc_hscale+0x108/0x270
[ 141.707881] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 141.708076] ? __schedule+0x10cc/0x2b60
[ 141.708271] ? __pfx_read_tsc+0x10/0x10
[ 141.708726] ? ktime_get_ts64+0x86/0x230
[ 141.708933] kunit_try_run_case+0x1a5/0x480
[ 141.709123] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.709401] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.709942] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.710127] ? __kthread_parkme+0x82/0x180
[ 141.710339] ? preempt_count_sub+0x50/0x80
[ 141.711116] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.711320] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.711804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.712151] kthread+0x337/0x6f0
[ 141.712342] ? trace_preempt_on+0x20/0xc0
[ 141.712802] ? __pfx_kthread+0x10/0x10
[ 141.712986] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.713187] ? calculate_sigpending+0x7b/0xa0
[ 141.713758] ? __pfx_kthread+0x10/0x10
[ 141.713952] ret_from_fork+0x116/0x1d0
[ 141.714094] ? __pfx_kthread+0x10/0x10
[ 141.714492] ret_from_fork_asm+0x1a/0x30
[ 141.714811] </TASK>
[ 141.714985] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 141.676077] WARNING: CPU: 0 PID: 2752 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 141.676694] Modules linked in:
[ 141.676864] CPU: 0 UID: 0 PID: 2752 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.677196] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.677456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.678160] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 141.678356] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db e4 1e 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.679388] RSP: 0000:ffff88810ab27c78 EFLAGS: 00010286
[ 141.679684] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 141.679945] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff95033d40
[ 141.680231] RBP: ffff88810ab27ca0 R08: 0000000000000000 R09: ffffed102185cba0
[ 141.680841] R10: ffff88810c2e5d07 R11: 0000000000000000 R12: ffffffff95033d28
[ 141.681210] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810ab27d38
[ 141.681646] FS: 0000000000000000(0000) GS:ffff8881c4072000(0000) knlGS:0000000000000000
[ 141.682244] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.682691] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 141.683157] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052442
[ 141.683616] DR3: ffffffff97052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.684042] Call Trace:
[ 141.684297] <TASK>
[ 141.684679] drm_test_rect_calc_hscale+0x108/0x270
[ 141.684935] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 141.685180] ? __schedule+0x10cc/0x2b60
[ 141.685667] ? __pfx_read_tsc+0x10/0x10
[ 141.685845] ? ktime_get_ts64+0x86/0x230
[ 141.686232] kunit_try_run_case+0x1a5/0x480
[ 141.686631] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.686994] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.687344] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.687805] ? __kthread_parkme+0x82/0x180
[ 141.688046] ? preempt_count_sub+0x50/0x80
[ 141.688448] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.688691] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.689036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.689311] kthread+0x337/0x6f0
[ 141.689742] ? trace_preempt_on+0x20/0xc0
[ 141.690154] ? __pfx_kthread+0x10/0x10
[ 141.690343] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.690885] ? calculate_sigpending+0x7b/0xa0
[ 141.691191] ? __pfx_kthread+0x10/0x10
[ 141.691377] ret_from_fork+0x116/0x1d0
[ 141.691848] ? __pfx_kthread+0x10/0x10
[ 141.692211] ret_from_fork_asm+0x1a/0x30
[ 141.692434] </TASK>
[ 141.692834] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.479871] ==================================================================
[ 23.480289] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.480289]
[ 23.480751] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#125):
[ 23.481505] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.482056] kunit_try_run_case+0x1a5/0x480
[ 23.482337] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.482633] kthread+0x337/0x6f0
[ 23.482969] ret_from_fork+0x116/0x1d0
[ 23.483171] ret_from_fork_asm+0x1a/0x30
[ 23.483373]
[ 23.483460] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.483460]
[ 23.483919] allocated by task 341 on cpu 1 at 23.479644s (0.004273s ago):
[ 23.484561] test_alloc+0x364/0x10f0
[ 23.484866] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.485224] kunit_try_run_case+0x1a5/0x480
[ 23.485565] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.485950] kthread+0x337/0x6f0
[ 23.486092] ret_from_fork+0x116/0x1d0
[ 23.486371] ret_from_fork_asm+0x1a/0x30
[ 23.486733]
[ 23.486985] CPU: 1 UID: 0 PID: 341 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 23.487600] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.487854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.488373] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.007868] ==================================================================
[ 19.008280] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 19.008280]
[ 19.008589] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#82):
[ 19.009093] test_corruption+0x2df/0x3e0
[ 19.009273] kunit_try_run_case+0x1a5/0x480
[ 19.009444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.009704] kthread+0x337/0x6f0
[ 19.009914] ret_from_fork+0x116/0x1d0
[ 19.010113] ret_from_fork_asm+0x1a/0x30
[ 19.010291]
[ 19.010370] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.010370]
[ 19.010820] allocated by task 329 on cpu 0 at 19.007621s (0.003197s ago):
[ 19.011132] test_alloc+0x364/0x10f0
[ 19.011314] test_corruption+0x1cb/0x3e0
[ 19.011485] kunit_try_run_case+0x1a5/0x480
[ 19.011634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.011821] kthread+0x337/0x6f0
[ 19.011999] ret_from_fork+0x116/0x1d0
[ 19.012204] ret_from_fork_asm+0x1a/0x30
[ 19.012456]
[ 19.012544] freed by task 329 on cpu 0 at 19.007708s (0.004834s ago):
[ 19.012944] test_corruption+0x2df/0x3e0
[ 19.013135] kunit_try_run_case+0x1a5/0x480
[ 19.013316] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.013491] kthread+0x337/0x6f0
[ 19.013656] ret_from_fork+0x116/0x1d0
[ 19.013853] ret_from_fork_asm+0x1a/0x30
[ 19.014059]
[ 19.014178] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.014610] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.014853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.015171] ==================================================================
[ 18.487949] ==================================================================
[ 18.488367] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.488367]
[ 18.488654] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#77):
[ 18.489434] test_corruption+0x2d2/0x3e0
[ 18.489605] kunit_try_run_case+0x1a5/0x480
[ 18.489886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.490097] kthread+0x337/0x6f0
[ 18.490273] ret_from_fork+0x116/0x1d0
[ 18.490447] ret_from_fork_asm+0x1a/0x30
[ 18.490629]
[ 18.490719] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.490719]
[ 18.491188] allocated by task 329 on cpu 0 at 18.487701s (0.003485s ago):
[ 18.491433] test_alloc+0x364/0x10f0
[ 18.491567] test_corruption+0xe6/0x3e0
[ 18.491752] kunit_try_run_case+0x1a5/0x480
[ 18.492047] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.492230] kthread+0x337/0x6f0
[ 18.492351] ret_from_fork+0x116/0x1d0
[ 18.492942] ret_from_fork_asm+0x1a/0x30
[ 18.493160]
[ 18.493699] freed by task 329 on cpu 0 at 18.487785s (0.005911s ago):
[ 18.494031] test_corruption+0x2d2/0x3e0
[ 18.494216] kunit_try_run_case+0x1a5/0x480
[ 18.494405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.494620] kthread+0x337/0x6f0
[ 18.495211] ret_from_fork+0x116/0x1d0
[ 18.495476] ret_from_fork_asm+0x1a/0x30
[ 18.495653]
[ 18.495773] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.496213] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.496417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.496792] ==================================================================
[ 19.215750] ==================================================================
[ 19.216157] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.216157]
[ 19.216522] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#84):
[ 19.217767] test_corruption+0x131/0x3e0
[ 19.218022] kunit_try_run_case+0x1a5/0x480
[ 19.218355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.218689] kthread+0x337/0x6f0
[ 19.218944] ret_from_fork+0x116/0x1d0
[ 19.219266] ret_from_fork_asm+0x1a/0x30
[ 19.219476]
[ 19.219557] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.219557]
[ 19.220147] allocated by task 331 on cpu 1 at 19.215648s (0.004496s ago):
[ 19.220478] test_alloc+0x2a6/0x10f0
[ 19.220853] test_corruption+0xe6/0x3e0
[ 19.221078] kunit_try_run_case+0x1a5/0x480
[ 19.221395] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.221654] kthread+0x337/0x6f0
[ 19.221978] ret_from_fork+0x116/0x1d0
[ 19.222262] ret_from_fork_asm+0x1a/0x30
[ 19.222446]
[ 19.222529] freed by task 331 on cpu 1 at 19.215678s (0.006849s ago):
[ 19.223073] test_corruption+0x131/0x3e0
[ 19.223234] kunit_try_run_case+0x1a5/0x480
[ 19.223613] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.223917] kthread+0x337/0x6f0
[ 19.224207] ret_from_fork+0x116/0x1d0
[ 19.224487] ret_from_fork_asm+0x1a/0x30
[ 19.224661]
[ 19.224943] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.225423] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.225622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.226187] ==================================================================
[ 19.319790] ==================================================================
[ 19.320181] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.320181]
[ 19.320542] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85):
[ 19.321056] test_corruption+0x216/0x3e0
[ 19.321510] kunit_try_run_case+0x1a5/0x480
[ 19.321678] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.321945] kthread+0x337/0x6f0
[ 19.322498] ret_from_fork+0x116/0x1d0
[ 19.322814] ret_from_fork_asm+0x1a/0x30
[ 19.322988]
[ 19.323092] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.323092]
[ 19.323458] allocated by task 331 on cpu 1 at 19.319678s (0.003778s ago):
[ 19.323739] test_alloc+0x2a6/0x10f0
[ 19.323939] test_corruption+0x1cb/0x3e0
[ 19.324112] kunit_try_run_case+0x1a5/0x480
[ 19.324327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.324558] kthread+0x337/0x6f0
[ 19.325160] ret_from_fork+0x116/0x1d0
[ 19.325407] ret_from_fork_asm+0x1a/0x30
[ 19.325600]
[ 19.325766] freed by task 331 on cpu 1 at 19.319724s (0.006040s ago):
[ 19.326161] test_corruption+0x216/0x3e0
[ 19.326414] kunit_try_run_case+0x1a5/0x480
[ 19.326598] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.327063] kthread+0x337/0x6f0
[ 19.327308] ret_from_fork+0x116/0x1d0
[ 19.327575] ret_from_fork_asm+0x1a/0x30
[ 19.327775]
[ 19.328089] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 19.328614] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.328893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.329343] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.383763] ==================================================================
[ 18.384170] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.384170]
[ 18.384584] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 18.384921] test_invalid_addr_free+0xfb/0x260
[ 18.385536] kunit_try_run_case+0x1a5/0x480
[ 18.385700] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.386089] kthread+0x337/0x6f0
[ 18.386264] ret_from_fork+0x116/0x1d0
[ 18.386446] ret_from_fork_asm+0x1a/0x30
[ 18.386631]
[ 18.387128] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.387128]
[ 18.387475] allocated by task 327 on cpu 1 at 18.383661s (0.003812s ago):
[ 18.388000] test_alloc+0x2a6/0x10f0
[ 18.388192] test_invalid_addr_free+0xdb/0x260
[ 18.388376] kunit_try_run_case+0x1a5/0x480
[ 18.388589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.389029] kthread+0x337/0x6f0
[ 18.389186] ret_from_fork+0x116/0x1d0
[ 18.389523] ret_from_fork_asm+0x1a/0x30
[ 18.389733]
[ 18.389851] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.390323] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.390507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.391165] ==================================================================
[ 18.279782] ==================================================================
[ 18.280211] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.280211]
[ 18.280575] Invalid free of 0x(____ptrval____) (in kfence-#75):
[ 18.281218] test_invalid_addr_free+0x1e1/0x260
[ 18.281463] kunit_try_run_case+0x1a5/0x480
[ 18.281657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.282076] kthread+0x337/0x6f0
[ 18.282365] ret_from_fork+0x116/0x1d0
[ 18.282530] ret_from_fork_asm+0x1a/0x30
[ 18.282709]
[ 18.282815] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.282815]
[ 18.283229] allocated by task 325 on cpu 1 at 18.279663s (0.003563s ago):
[ 18.283503] test_alloc+0x364/0x10f0
[ 18.283672] test_invalid_addr_free+0xdb/0x260
[ 18.284336] kunit_try_run_case+0x1a5/0x480
[ 18.284583] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.284976] kthread+0x337/0x6f0
[ 18.285141] ret_from_fork+0x116/0x1d0
[ 18.285468] ret_from_fork_asm+0x1a/0x30
[ 18.285749]
[ 18.285865] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.286473] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.286748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.287239] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.175843] ==================================================================
[ 18.176246] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.176246]
[ 18.176661] Invalid free of 0x(____ptrval____) (in kfence-#74):
[ 18.177210] test_double_free+0x112/0x260
[ 18.177436] kunit_try_run_case+0x1a5/0x480
[ 18.177651] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.177885] kthread+0x337/0x6f0
[ 18.178088] ret_from_fork+0x116/0x1d0
[ 18.178282] ret_from_fork_asm+0x1a/0x30
[ 18.178441]
[ 18.178544] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.178544]
[ 18.178970] allocated by task 323 on cpu 0 at 18.175687s (0.003281s ago):
[ 18.179274] test_alloc+0x2a6/0x10f0
[ 18.179403] test_double_free+0xdb/0x260
[ 18.179600] kunit_try_run_case+0x1a5/0x480
[ 18.179953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.180220] kthread+0x337/0x6f0
[ 18.180361] ret_from_fork+0x116/0x1d0
[ 18.180555] ret_from_fork_asm+0x1a/0x30
[ 18.180770]
[ 18.180865] freed by task 323 on cpu 0 at 18.175743s (0.005120s ago):
[ 18.181183] test_double_free+0xfa/0x260
[ 18.181522] kunit_try_run_case+0x1a5/0x480
[ 18.181694] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.181921] kthread+0x337/0x6f0
[ 18.182093] ret_from_fork+0x116/0x1d0
[ 18.182268] ret_from_fork_asm+0x1a/0x30
[ 18.182432]
[ 18.182526] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.182893] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.183132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.183516] ==================================================================
[ 18.071932] ==================================================================
[ 18.072352] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.072352]
[ 18.072775] Invalid free of 0x(____ptrval____) (in kfence-#73):
[ 18.073123] test_double_free+0x1d3/0x260
[ 18.073333] kunit_try_run_case+0x1a5/0x480
[ 18.073509] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.073737] kthread+0x337/0x6f0
[ 18.073965] ret_from_fork+0x116/0x1d0
[ 18.074194] ret_from_fork_asm+0x1a/0x30
[ 18.074353]
[ 18.074452] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.074452]
[ 18.074899] allocated by task 321 on cpu 0 at 18.071675s (0.003222s ago):
[ 18.075332] test_alloc+0x364/0x10f0
[ 18.075543] test_double_free+0xdb/0x260
[ 18.075740] kunit_try_run_case+0x1a5/0x480
[ 18.075982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.076256] kthread+0x337/0x6f0
[ 18.076405] ret_from_fork+0x116/0x1d0
[ 18.076620] ret_from_fork_asm+0x1a/0x30
[ 18.076846]
[ 18.076951] freed by task 321 on cpu 0 at 18.071739s (0.005209s ago):
[ 18.077261] test_double_free+0x1e0/0x260
[ 18.077493] kunit_try_run_case+0x1a5/0x480
[ 18.077703] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.077964] kthread+0x337/0x6f0
[ 18.078238] ret_from_fork+0x116/0x1d0
[ 18.078434] ret_from_fork_asm+0x1a/0x30
[ 18.078637]
[ 18.078755] CPU: 0 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 18.079226] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.079386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.079650] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.759827] ==================================================================
[ 17.760244] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.760244]
[ 17.760752] Use-after-free read at 0x(____ptrval____) (in kfence-#70):
[ 17.761158] test_use_after_free_read+0x129/0x270
[ 17.761321] kunit_try_run_case+0x1a5/0x480
[ 17.761902] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.762166] kthread+0x337/0x6f0
[ 17.762335] ret_from_fork+0x116/0x1d0
[ 17.762513] ret_from_fork_asm+0x1a/0x30
[ 17.763145]
[ 17.763241] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.763241]
[ 17.763622] allocated by task 315 on cpu 1 at 17.759646s (0.003974s ago):
[ 17.764161] test_alloc+0x2a6/0x10f0
[ 17.764317] test_use_after_free_read+0xdc/0x270
[ 17.764548] kunit_try_run_case+0x1a5/0x480
[ 17.764747] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.765032] kthread+0x337/0x6f0
[ 17.765270] ret_from_fork+0x116/0x1d0
[ 17.765459] ret_from_fork_asm+0x1a/0x30
[ 17.765635]
[ 17.765726] freed by task 315 on cpu 1 at 17.759695s (0.006028s ago):
[ 17.766056] test_use_after_free_read+0xfb/0x270
[ 17.766274] kunit_try_run_case+0x1a5/0x480
[ 17.766479] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.766759] kthread+0x337/0x6f0
[ 17.766922] ret_from_fork+0x116/0x1d0
[ 17.767080] ret_from_fork_asm+0x1a/0x30
[ 17.767269]
[ 17.767390] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.767726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.767864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.768535] ==================================================================
[ 17.655871] ==================================================================
[ 17.656325] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.656325]
[ 17.656725] Use-after-free read at 0x(____ptrval____) (in kfence-#69):
[ 17.657086] test_use_after_free_read+0x129/0x270
[ 17.657300] kunit_try_run_case+0x1a5/0x480
[ 17.657832] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.658290] kthread+0x337/0x6f0
[ 17.658720] ret_from_fork+0x116/0x1d0
[ 17.658920] ret_from_fork_asm+0x1a/0x30
[ 17.659271]
[ 17.659385] kfence-#69: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.659385]
[ 17.659985] allocated by task 313 on cpu 0 at 17.655670s (0.004313s ago):
[ 17.660503] test_alloc+0x364/0x10f0
[ 17.660810] test_use_after_free_read+0xdc/0x270
[ 17.661075] kunit_try_run_case+0x1a5/0x480
[ 17.661417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.661652] kthread+0x337/0x6f0
[ 17.661879] ret_from_fork+0x116/0x1d0
[ 17.662323] ret_from_fork_asm+0x1a/0x30
[ 17.662637]
[ 17.662914] freed by task 313 on cpu 0 at 17.655720s (0.007093s ago):
[ 17.663269] test_use_after_free_read+0x1e7/0x270
[ 17.663475] kunit_try_run_case+0x1a5/0x480
[ 17.663983] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.664233] kthread+0x337/0x6f0
[ 17.664476] ret_from_fork+0x116/0x1d0
[ 17.664799] ret_from_fork_asm+0x1a/0x30
[ 17.665028]
[ 17.665299] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.665870] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.666142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.666620] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.551705] ==================================================================
[ 17.552116] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.552116]
[ 17.552611] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68):
[ 17.552998] test_out_of_bounds_write+0x10d/0x260
[ 17.553227] kunit_try_run_case+0x1a5/0x480
[ 17.553433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.553679] kthread+0x337/0x6f0
[ 17.553837] ret_from_fork+0x116/0x1d0
[ 17.554032] ret_from_fork_asm+0x1a/0x30
[ 17.554232]
[ 17.554317] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.554317]
[ 17.555250] allocated by task 311 on cpu 0 at 17.551649s (0.003597s ago):
[ 17.555505] test_alloc+0x2a6/0x10f0
[ 17.555643] test_out_of_bounds_write+0xd4/0x260
[ 17.556203] kunit_try_run_case+0x1a5/0x480
[ 17.556404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.556649] kthread+0x337/0x6f0
[ 17.556806] ret_from_fork+0x116/0x1d0
[ 17.557126] ret_from_fork_asm+0x1a/0x30
[ 17.557299]
[ 17.557406] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.557930] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.558129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.558489] ==================================================================
[ 17.343739] ==================================================================
[ 17.344152] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.344152]
[ 17.344600] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#66):
[ 17.345152] test_out_of_bounds_write+0x10d/0x260
[ 17.345793] kunit_try_run_case+0x1a5/0x480
[ 17.346216] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.346638] kthread+0x337/0x6f0
[ 17.346850] ret_from_fork+0x116/0x1d0
[ 17.347167] ret_from_fork_asm+0x1a/0x30
[ 17.347476]
[ 17.347596] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.347596]
[ 17.348162] allocated by task 309 on cpu 0 at 17.343632s (0.004528s ago):
[ 17.348505] test_alloc+0x364/0x10f0
[ 17.348674] test_out_of_bounds_write+0xd4/0x260
[ 17.349139] kunit_try_run_case+0x1a5/0x480
[ 17.349317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.349700] kthread+0x337/0x6f0
[ 17.349893] ret_from_fork+0x116/0x1d0
[ 17.350209] ret_from_fork_asm+0x1a/0x30
[ 17.350419]
[ 17.350713] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.351180] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.351470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.351947] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.135716] ==================================================================
[ 17.136131] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.136131]
[ 17.136615] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64):
[ 17.137353] test_out_of_bounds_read+0x216/0x4e0
[ 17.137694] kunit_try_run_case+0x1a5/0x480
[ 17.138082] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.138307] kthread+0x337/0x6f0
[ 17.138481] ret_from_fork+0x116/0x1d0
[ 17.138650] ret_from_fork_asm+0x1a/0x30
[ 17.139156]
[ 17.139244] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.139244]
[ 17.139771] allocated by task 307 on cpu 0 at 17.135658s (0.004111s ago):
[ 17.140253] test_alloc+0x2a6/0x10f0
[ 17.140482] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.140795] kunit_try_run_case+0x1a5/0x480
[ 17.140986] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.141322] kthread+0x337/0x6f0
[ 17.141601] ret_from_fork+0x116/0x1d0
[ 17.141802] ret_from_fork_asm+0x1a/0x30
[ 17.142011]
[ 17.142114] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 17.142568] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.143016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.143444] ==================================================================
[ 16.719796] ==================================================================
[ 16.720190] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.720190]
[ 16.720630] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#60):
[ 16.721019] test_out_of_bounds_read+0x216/0x4e0
[ 16.721246] kunit_try_run_case+0x1a5/0x480
[ 16.721406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.721700] kthread+0x337/0x6f0
[ 16.721868] ret_from_fork+0x116/0x1d0
[ 16.722060] ret_from_fork_asm+0x1a/0x30
[ 16.722274]
[ 16.722360] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.722360]
[ 16.722699] allocated by task 305 on cpu 1 at 16.719600s (0.003097s ago):
[ 16.723037] test_alloc+0x364/0x10f0
[ 16.723235] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.723413] kunit_try_run_case+0x1a5/0x480
[ 16.723623] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.724086] kthread+0x337/0x6f0
[ 16.724216] ret_from_fork+0x116/0x1d0
[ 16.724425] ret_from_fork_asm+0x1a/0x30
[ 16.724574]
[ 16.724667] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.725177] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.725388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.725707] ==================================================================
[ 16.616939] ==================================================================
[ 16.617379] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.617379]
[ 16.617879] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#59):
[ 16.618339] test_out_of_bounds_read+0x126/0x4e0
[ 16.618618] kunit_try_run_case+0x1a5/0x480
[ 16.618862] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.619101] kthread+0x337/0x6f0
[ 16.619284] ret_from_fork+0x116/0x1d0
[ 16.619462] ret_from_fork_asm+0x1a/0x30
[ 16.619672]
[ 16.619951] kfence-#59: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.619951]
[ 16.620440] allocated by task 305 on cpu 1 at 16.615692s (0.004690s ago):
[ 16.621024] test_alloc+0x364/0x10f0
[ 16.621265] test_out_of_bounds_read+0xed/0x4e0
[ 16.621482] kunit_try_run_case+0x1a5/0x480
[ 16.621669] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.621935] kthread+0x337/0x6f0
[ 16.622114] ret_from_fork+0x116/0x1d0
[ 16.622293] ret_from_fork_asm+0x1a/0x30
[ 16.622558]
[ 16.622730] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.623227] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.623386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.623722] ==================================================================
[ 16.927710] ==================================================================
[ 16.928237] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 16.928237]
[ 16.929321] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#62):
[ 16.929571] test_out_of_bounds_read+0x126/0x4e0
[ 16.929755] kunit_try_run_case+0x1a5/0x480
[ 16.930148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.930420] kthread+0x337/0x6f0
[ 16.930606] ret_from_fork+0x116/0x1d0
[ 16.931256] ret_from_fork_asm+0x1a/0x30
[ 16.931422]
[ 16.931591] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.931591]
[ 16.932146] allocated by task 307 on cpu 0 at 16.927648s (0.004495s ago):
[ 16.932514] test_alloc+0x2a6/0x10f0
[ 16.932918] test_out_of_bounds_read+0xed/0x4e0
[ 16.933202] kunit_try_run_case+0x1a5/0x480
[ 16.933372] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.933819] kthread+0x337/0x6f0
[ 16.933992] ret_from_fork+0x116/0x1d0
[ 16.934305] ret_from_fork_asm+0x1a/0x30
[ 16.934547]
[ 16.934680] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.935164] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.935355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.935954] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.490049] ==================================================================
[ 16.490768] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.491146] Write of size 1 at addr ffff888102ad4e78 by task kunit_try_catch/303
[ 16.491457]
[ 16.491545] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.491588] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.491601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.491623] Call Trace:
[ 16.491638] <TASK>
[ 16.491653] dump_stack_lvl+0x73/0xb0
[ 16.491681] print_report+0xd1/0x610
[ 16.491704] ? __virt_addr_valid+0x1db/0x2d0
[ 16.491726] ? strncpy_from_user+0x1a5/0x1d0
[ 16.491960] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.492104] ? strncpy_from_user+0x1a5/0x1d0
[ 16.492130] kasan_report+0x141/0x180
[ 16.492153] ? strncpy_from_user+0x1a5/0x1d0
[ 16.492181] __asan_report_store1_noabort+0x1b/0x30
[ 16.492206] strncpy_from_user+0x1a5/0x1d0
[ 16.492231] copy_user_test_oob+0x760/0x10f0
[ 16.492258] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.492281] ? finish_task_switch.isra.0+0x153/0x700
[ 16.492304] ? __switch_to+0x47/0xf50
[ 16.492329] ? __schedule+0x10cc/0x2b60
[ 16.492352] ? __pfx_read_tsc+0x10/0x10
[ 16.492373] ? ktime_get_ts64+0x86/0x230
[ 16.492397] kunit_try_run_case+0x1a5/0x480
[ 16.492421] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.492443] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.492466] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.492489] ? __kthread_parkme+0x82/0x180
[ 16.492509] ? preempt_count_sub+0x50/0x80
[ 16.492532] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.492556] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.492579] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.492602] kthread+0x337/0x6f0
[ 16.492622] ? trace_preempt_on+0x20/0xc0
[ 16.492644] ? __pfx_kthread+0x10/0x10
[ 16.492665] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.492696] ? calculate_sigpending+0x7b/0xa0
[ 16.492719] ? __pfx_kthread+0x10/0x10
[ 16.492741] ret_from_fork+0x116/0x1d0
[ 16.492759] ? __pfx_kthread+0x10/0x10
[ 16.492779] ret_from_fork_asm+0x1a/0x30
[ 16.492809] </TASK>
[ 16.492819]
[ 16.502599] Allocated by task 303:
[ 16.502766] kasan_save_stack+0x45/0x70
[ 16.502979] kasan_save_track+0x18/0x40
[ 16.503161] kasan_save_alloc_info+0x3b/0x50
[ 16.503368] __kasan_kmalloc+0xb7/0xc0
[ 16.503551] __kmalloc_noprof+0x1c9/0x500
[ 16.504353] kunit_kmalloc_array+0x25/0x60
[ 16.504531] copy_user_test_oob+0xab/0x10f0
[ 16.504823] kunit_try_run_case+0x1a5/0x480
[ 16.505275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.505755] kthread+0x337/0x6f0
[ 16.505888] ret_from_fork+0x116/0x1d0
[ 16.506033] ret_from_fork_asm+0x1a/0x30
[ 16.506174]
[ 16.506246] The buggy address belongs to the object at ffff888102ad4e00
[ 16.506246] which belongs to the cache kmalloc-128 of size 128
[ 16.506604] The buggy address is located 0 bytes to the right of
[ 16.506604] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78)
[ 16.507761]
[ 16.507933] The buggy address belongs to the physical page:
[ 16.508400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 16.509082] flags: 0x200000000000000(node=0|zone=2)
[ 16.509522] page_type: f5(slab)
[ 16.509850] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.510494] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.511178] page dumped because: kasan: bad access detected
[ 16.511633]
[ 16.511709] Memory state around the buggy address:
[ 16.511920] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.512141] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.512358] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.512570] ^
[ 16.513185] ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.513416] ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.513632] ==================================================================
[ 16.465698] ==================================================================
[ 16.466371] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.466815] Write of size 121 at addr ffff888102ad4e00 by task kunit_try_catch/303
[ 16.467229]
[ 16.467576] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.467626] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.467639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.467661] Call Trace:
[ 16.467678] <TASK>
[ 16.467694] dump_stack_lvl+0x73/0xb0
[ 16.467723] print_report+0xd1/0x610
[ 16.467746] ? __virt_addr_valid+0x1db/0x2d0
[ 16.467772] ? strncpy_from_user+0x2e/0x1d0
[ 16.467797] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.467820] ? strncpy_from_user+0x2e/0x1d0
[ 16.467844] kasan_report+0x141/0x180
[ 16.467867] ? strncpy_from_user+0x2e/0x1d0
[ 16.467895] kasan_check_range+0x10c/0x1c0
[ 16.467933] __kasan_check_write+0x18/0x20
[ 16.467953] strncpy_from_user+0x2e/0x1d0
[ 16.467979] copy_user_test_oob+0x760/0x10f0
[ 16.468007] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.468032] ? finish_task_switch.isra.0+0x153/0x700
[ 16.468055] ? __switch_to+0x47/0xf50
[ 16.468081] ? __schedule+0x10cc/0x2b60
[ 16.468104] ? __pfx_read_tsc+0x10/0x10
[ 16.468125] ? ktime_get_ts64+0x86/0x230
[ 16.468150] kunit_try_run_case+0x1a5/0x480
[ 16.468175] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.468198] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.468223] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.468247] ? __kthread_parkme+0x82/0x180
[ 16.468266] ? preempt_count_sub+0x50/0x80
[ 16.468289] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.468314] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.468336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.468360] kthread+0x337/0x6f0
[ 16.468379] ? trace_preempt_on+0x20/0xc0
[ 16.468402] ? __pfx_kthread+0x10/0x10
[ 16.468423] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.468444] ? calculate_sigpending+0x7b/0xa0 [ 16.468467] ? __pfx_kthread+0x10/0x10 [ 16.468489] ret_from_fork+0x116/0x1d0 [ 16.468507] ? __pfx_kthread+0x10/0x10 [ 16.468527] ret_from_fork_asm+0x1a/0x30 [ 16.468558] </TASK> [ 16.468569] [ 16.478702] Allocated by task 303: [ 16.479027] kasan_save_stack+0x45/0x70 [ 16.479248] kasan_save_track+0x18/0x40 [ 16.479546] kasan_save_alloc_info+0x3b/0x50 [ 16.479874] __kasan_kmalloc+0xb7/0xc0 [ 16.480039] __kmalloc_noprof+0x1c9/0x500 [ 16.480370] kunit_kmalloc_array+0x25/0x60 [ 16.480657] copy_user_test_oob+0xab/0x10f0 [ 16.481017] kunit_try_run_case+0x1a5/0x480 [ 16.481220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.481538] kthread+0x337/0x6f0 [ 16.481731] ret_from_fork+0x116/0x1d0 [ 16.482018] ret_from_fork_asm+0x1a/0x30 [ 16.482203] [ 16.482281] The buggy address belongs to the object at ffff888102ad4e00 [ 16.482281] which belongs to the cache kmalloc-128 of size 128 [ 16.483135] The buggy address is located 0 bytes inside of [ 16.483135] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78) [ 16.483695] [ 16.483802] The buggy address belongs to the physical page: [ 16.484219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 16.484629] flags: 0x200000000000000(node=0|zone=2) [ 16.485012] page_type: f5(slab) [ 16.485181] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.485665] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.486109] page dumped because: kasan: bad access detected [ 16.486420] [ 16.486519] Memory state around the buggy address: [ 16.486730] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.487222] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.487742] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.488256] ^ [ 16.488558] ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.488887] 
ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.489410] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.404614] ================================================================== [ 16.405085] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 16.405332] Read of size 121 at addr ffff888102ad4e00 by task kunit_try_catch/303 [ 16.405698] [ 16.405803] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.405845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.405857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.405878] Call Trace: [ 16.405892] <TASK> [ 16.405917] dump_stack_lvl+0x73/0xb0 [ 16.405944] print_report+0xd1/0x610 [ 16.405965] ? __virt_addr_valid+0x1db/0x2d0 [ 16.405988] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.406011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.406033] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.406056] kasan_report+0x141/0x180 [ 16.406078] ? copy_user_test_oob+0x4aa/0x10f0 [ 16.406106] kasan_check_range+0x10c/0x1c0 [ 16.406129] __kasan_check_read+0x15/0x20 [ 16.406148] copy_user_test_oob+0x4aa/0x10f0 [ 16.406174] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.406197] ? finish_task_switch.isra.0+0x153/0x700 [ 16.406220] ? __switch_to+0x47/0xf50 [ 16.406245] ? __schedule+0x10cc/0x2b60 [ 16.406268] ? __pfx_read_tsc+0x10/0x10 [ 16.406288] ? ktime_get_ts64+0x86/0x230 [ 16.406311] kunit_try_run_case+0x1a5/0x480 [ 16.406335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.406357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.406379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.406402] ? __kthread_parkme+0x82/0x180 [ 16.406422] ? preempt_count_sub+0x50/0x80 [ 16.406445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.406470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.406493] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.406516] kthread+0x337/0x6f0 [ 16.406536] ? trace_preempt_on+0x20/0xc0 [ 16.406558] ? __pfx_kthread+0x10/0x10 [ 16.406579] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.406600] ? calculate_sigpending+0x7b/0xa0 [ 16.406624] ? 
__pfx_kthread+0x10/0x10 [ 16.406645] ret_from_fork+0x116/0x1d0 [ 16.406663] ? __pfx_kthread+0x10/0x10 [ 16.406694] ret_from_fork_asm+0x1a/0x30 [ 16.406724] </TASK> [ 16.406734] [ 16.413925] Allocated by task 303: [ 16.414106] kasan_save_stack+0x45/0x70 [ 16.414316] kasan_save_track+0x18/0x40 [ 16.414512] kasan_save_alloc_info+0x3b/0x50 [ 16.414681] __kasan_kmalloc+0xb7/0xc0 [ 16.414848] __kmalloc_noprof+0x1c9/0x500 [ 16.415019] kunit_kmalloc_array+0x25/0x60 [ 16.415232] copy_user_test_oob+0xab/0x10f0 [ 16.415408] kunit_try_run_case+0x1a5/0x480 [ 16.415555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.415757] kthread+0x337/0x6f0 [ 16.415948] ret_from_fork+0x116/0x1d0 [ 16.416136] ret_from_fork_asm+0x1a/0x30 [ 16.416331] [ 16.416427] The buggy address belongs to the object at ffff888102ad4e00 [ 16.416427] which belongs to the cache kmalloc-128 of size 128 [ 16.416965] The buggy address is located 0 bytes inside of [ 16.416965] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78) [ 16.417381] [ 16.417480] The buggy address belongs to the physical page: [ 16.417789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 16.418092] flags: 0x200000000000000(node=0|zone=2) [ 16.418316] page_type: f5(slab) [ 16.418451] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.418682] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.419030] page dumped because: kasan: bad access detected [ 16.419307] [ 16.419399] Memory state around the buggy address: [ 16.419571] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.419961] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.420220] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.420514] ^ [ 16.420840] ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.421146] ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.421426] 
================================================================== [ 16.387312] ================================================================== [ 16.387646] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 16.388057] Write of size 121 at addr ffff888102ad4e00 by task kunit_try_catch/303 [ 16.388373] [ 16.388495] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.388539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.388563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.388585] Call Trace: [ 16.388597] <TASK> [ 16.388614] dump_stack_lvl+0x73/0xb0 [ 16.388641] print_report+0xd1/0x610 [ 16.388673] ? __virt_addr_valid+0x1db/0x2d0 [ 16.388695] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.388718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.388752] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.388776] kasan_report+0x141/0x180 [ 16.388798] ? copy_user_test_oob+0x3fd/0x10f0 [ 16.388826] kasan_check_range+0x10c/0x1c0 [ 16.388849] __kasan_check_write+0x18/0x20 [ 16.388869] copy_user_test_oob+0x3fd/0x10f0 [ 16.388894] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.388925] ? finish_task_switch.isra.0+0x153/0x700 [ 16.388947] ? __switch_to+0x47/0xf50 [ 16.388973] ? __schedule+0x10cc/0x2b60 [ 16.389004] ? __pfx_read_tsc+0x10/0x10 [ 16.389025] ? ktime_get_ts64+0x86/0x230 [ 16.389049] kunit_try_run_case+0x1a5/0x480 [ 16.389078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.389101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.389123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.389147] ? __kthread_parkme+0x82/0x180 [ 16.389167] ? preempt_count_sub+0x50/0x80 [ 16.389190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.389214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.389238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.389263] kthread+0x337/0x6f0 [ 16.389283] ? trace_preempt_on+0x20/0xc0 [ 16.389304] ? __pfx_kthread+0x10/0x10 [ 16.389325] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.389346] ? calculate_sigpending+0x7b/0xa0 [ 16.389370] ? __pfx_kthread+0x10/0x10 [ 16.389392] ret_from_fork+0x116/0x1d0 [ 16.389410] ? __pfx_kthread+0x10/0x10 [ 16.389431] ret_from_fork_asm+0x1a/0x30 [ 16.389462] </TASK> [ 16.389472] [ 16.396390] Allocated by task 303: [ 16.396521] kasan_save_stack+0x45/0x70 [ 16.396665] kasan_save_track+0x18/0x40 [ 16.396865] kasan_save_alloc_info+0x3b/0x50 [ 16.397089] __kasan_kmalloc+0xb7/0xc0 [ 16.397276] __kmalloc_noprof+0x1c9/0x500 [ 16.397482] kunit_kmalloc_array+0x25/0x60 [ 16.397695] copy_user_test_oob+0xab/0x10f0 [ 16.397915] kunit_try_run_case+0x1a5/0x480 [ 16.398104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.398316] kthread+0x337/0x6f0 [ 16.398486] ret_from_fork+0x116/0x1d0 [ 16.398653] ret_from_fork_asm+0x1a/0x30 [ 16.398867] [ 16.398961] The buggy address belongs to the object at ffff888102ad4e00 [ 16.398961] which belongs to the cache kmalloc-128 of size 128 [ 16.399429] The buggy address is located 0 bytes inside of [ 16.399429] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78) [ 16.399945] [ 16.400024] The buggy address belongs to the physical page: [ 16.400238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 16.400551] flags: 0x200000000000000(node=0|zone=2) [ 16.400812] page_type: f5(slab) [ 16.400970] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.401280] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.401509] page dumped because: kasan: bad access detected [ 16.401687] [ 16.401785] Memory state around the buggy address: [ 16.402142] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.402462] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.402775] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.403132] ^ [ 16.403389] ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403687] 
ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403961] ================================================================== [ 16.421883] ================================================================== [ 16.422190] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0 [ 16.422553] Write of size 121 at addr ffff888102ad4e00 by task kunit_try_catch/303 [ 16.422857] [ 16.422948] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.422990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.423002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.423023] Call Trace: [ 16.423036] <TASK> [ 16.423054] dump_stack_lvl+0x73/0xb0 [ 16.423081] print_report+0xd1/0x610 [ 16.423102] ? __virt_addr_valid+0x1db/0x2d0 [ 16.423124] ? copy_user_test_oob+0x557/0x10f0 [ 16.423148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.423170] ? copy_user_test_oob+0x557/0x10f0 [ 16.423193] kasan_report+0x141/0x180 [ 16.423216] ? copy_user_test_oob+0x557/0x10f0 [ 16.423243] kasan_check_range+0x10c/0x1c0 [ 16.423267] __kasan_check_write+0x18/0x20 [ 16.423288] copy_user_test_oob+0x557/0x10f0 [ 16.423313] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.423336] ? finish_task_switch.isra.0+0x153/0x700 [ 16.423358] ? __switch_to+0x47/0xf50 [ 16.423382] ? __schedule+0x10cc/0x2b60 [ 16.423405] ? __pfx_read_tsc+0x10/0x10 [ 16.423426] ? ktime_get_ts64+0x86/0x230 [ 16.423450] kunit_try_run_case+0x1a5/0x480 [ 16.423474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.423496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.423518] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.423543] ? __kthread_parkme+0x82/0x180 [ 16.423563] ? preempt_count_sub+0x50/0x80 [ 16.423585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.423609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.423633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.423655] kthread+0x337/0x6f0 [ 16.423675] ? trace_preempt_on+0x20/0xc0 [ 16.423697] ? 
__pfx_kthread+0x10/0x10 [ 16.423718] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.423739] ? calculate_sigpending+0x7b/0xa0 [ 16.423763] ? __pfx_kthread+0x10/0x10 [ 16.423785] ret_from_fork+0x116/0x1d0 [ 16.423811] ? __pfx_kthread+0x10/0x10 [ 16.423832] ret_from_fork_asm+0x1a/0x30 [ 16.423862] </TASK> [ 16.423872] [ 16.431284] Allocated by task 303: [ 16.431411] kasan_save_stack+0x45/0x70 [ 16.431554] kasan_save_track+0x18/0x40 [ 16.431689] kasan_save_alloc_info+0x3b/0x50 [ 16.431836] __kasan_kmalloc+0xb7/0xc0 [ 16.432023] __kmalloc_noprof+0x1c9/0x500 [ 16.432227] kunit_kmalloc_array+0x25/0x60 [ 16.432431] copy_user_test_oob+0xab/0x10f0 [ 16.432636] kunit_try_run_case+0x1a5/0x480 [ 16.432842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.433107] kthread+0x337/0x6f0 [ 16.433236] ret_from_fork+0x116/0x1d0 [ 16.433368] ret_from_fork_asm+0x1a/0x30 [ 16.433507] [ 16.433577] The buggy address belongs to the object at ffff888102ad4e00 [ 16.433577] which belongs to the cache kmalloc-128 of size 128 [ 16.433939] The buggy address is located 0 bytes inside of [ 16.433939] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78) [ 16.435121] [ 16.435220] The buggy address belongs to the physical page: [ 16.435475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 16.435796] flags: 0x200000000000000(node=0|zone=2) [ 16.435968] page_type: f5(slab) [ 16.436088] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.436319] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.436543] page dumped because: kasan: bad access detected [ 16.436716] [ 16.436784] Memory state around the buggy address: [ 16.436957] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.437283] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.437602] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.438253] ^ [ 16.438566] ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.439170] ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.439485] ================================================================== [ 16.440053] ================================================================== [ 16.440379] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 16.440672] Read of size 121 at addr ffff888102ad4e00 by task kunit_try_catch/303 [ 16.440944] [ 16.441030] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.441070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.441082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.441104] Call Trace: [ 16.441117] <TASK> [ 16.441137] dump_stack_lvl+0x73/0xb0 [ 16.441162] print_report+0xd1/0x610 [ 16.441184] ? __virt_addr_valid+0x1db/0x2d0 [ 16.441207] ? copy_user_test_oob+0x604/0x10f0 [ 16.441230] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.441253] ? copy_user_test_oob+0x604/0x10f0 [ 16.441276] kasan_report+0x141/0x180 [ 16.441298] ? copy_user_test_oob+0x604/0x10f0 [ 16.441325] kasan_check_range+0x10c/0x1c0 [ 16.441349] __kasan_check_read+0x15/0x20 [ 16.441368] copy_user_test_oob+0x604/0x10f0 [ 16.441393] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.441415] ? finish_task_switch.isra.0+0x153/0x700 [ 16.441438] ? __switch_to+0x47/0xf50 [ 16.441463] ? __schedule+0x10cc/0x2b60 [ 16.441485] ? __pfx_read_tsc+0x10/0x10 [ 16.441506] ? ktime_get_ts64+0x86/0x230 [ 16.441530] kunit_try_run_case+0x1a5/0x480 [ 16.441554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.441576] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.441598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.441622] ? __kthread_parkme+0x82/0x180 [ 16.441642] ? preempt_count_sub+0x50/0x80 [ 16.441665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.441689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.441712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.441735] kthread+0x337/0x6f0 [ 16.441755] ? 
trace_preempt_on+0x20/0xc0 [ 16.441777] ? __pfx_kthread+0x10/0x10 [ 16.441798] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.441819] ? calculate_sigpending+0x7b/0xa0 [ 16.441842] ? __pfx_kthread+0x10/0x10 [ 16.441864] ret_from_fork+0x116/0x1d0 [ 16.441882] ? __pfx_kthread+0x10/0x10 [ 16.441903] ret_from_fork_asm+0x1a/0x30 [ 16.441942] </TASK> [ 16.441953] [ 16.454363] Allocated by task 303: [ 16.454801] kasan_save_stack+0x45/0x70 [ 16.455129] kasan_save_track+0x18/0x40 [ 16.455295] kasan_save_alloc_info+0x3b/0x50 [ 16.455506] __kasan_kmalloc+0xb7/0xc0 [ 16.455926] __kmalloc_noprof+0x1c9/0x500 [ 16.456119] kunit_kmalloc_array+0x25/0x60 [ 16.456430] copy_user_test_oob+0xab/0x10f0 [ 16.456629] kunit_try_run_case+0x1a5/0x480 [ 16.456955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.457365] kthread+0x337/0x6f0 [ 16.457528] ret_from_fork+0x116/0x1d0 [ 16.457808] ret_from_fork_asm+0x1a/0x30 [ 16.457979] [ 16.458070] The buggy address belongs to the object at ffff888102ad4e00 [ 16.458070] which belongs to the cache kmalloc-128 of size 128 [ 16.458586] The buggy address is located 0 bytes inside of [ 16.458586] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78) [ 16.459346] [ 16.459641] The buggy address belongs to the physical page: [ 16.460029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 16.460410] flags: 0x200000000000000(node=0|zone=2) [ 16.460695] page_type: f5(slab) [ 16.460929] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.461262] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.461570] page dumped because: kasan: bad access detected [ 16.462020] [ 16.462110] Memory state around the buggy address: [ 16.462452] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.462969] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.463371] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.463677] ^ [ 16.463987] 
ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.464290] ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.464600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.364982] ================================================================== [ 16.365318] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x3c/0x70 [ 16.365647] Read of size 121 at addr ffff888102ad4e00 by task kunit_try_catch/303 [ 16.365892] [ 16.366010] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.366055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.366068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.366090] Call Trace: [ 16.366102] <TASK> [ 16.366117] dump_stack_lvl+0x73/0xb0 [ 16.366146] print_report+0xd1/0x610 [ 16.366168] ? __virt_addr_valid+0x1db/0x2d0 [ 16.366191] ? _copy_to_user+0x3c/0x70 [ 16.366209] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.366232] ? _copy_to_user+0x3c/0x70 [ 16.366252] kasan_report+0x141/0x180 [ 16.366274] ? _copy_to_user+0x3c/0x70 [ 16.366299] kasan_check_range+0x10c/0x1c0 [ 16.366335] __kasan_check_read+0x15/0x20 [ 16.366354] _copy_to_user+0x3c/0x70 [ 16.366374] copy_user_test_oob+0x364/0x10f0 [ 16.366412] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.366436] ? finish_task_switch.isra.0+0x153/0x700 [ 16.366458] ? __switch_to+0x47/0xf50 [ 16.366483] ? __schedule+0x10cc/0x2b60 [ 16.366506] ? __pfx_read_tsc+0x10/0x10 [ 16.366527] ? ktime_get_ts64+0x86/0x230 [ 16.366551] kunit_try_run_case+0x1a5/0x480 [ 16.366574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.366597] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.366619] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.366643] ? __kthread_parkme+0x82/0x180 [ 16.366663] ? preempt_count_sub+0x50/0x80 [ 16.366697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.366721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.366744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.366768] kthread+0x337/0x6f0 [ 16.366787] ? trace_preempt_on+0x20/0xc0 [ 16.366810] ? __pfx_kthread+0x10/0x10 [ 16.366831] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.366852] ? calculate_sigpending+0x7b/0xa0 [ 16.366876] ? 
__pfx_kthread+0x10/0x10 [ 16.366897] ret_from_fork+0x116/0x1d0 [ 16.366925] ? __pfx_kthread+0x10/0x10 [ 16.366945] ret_from_fork_asm+0x1a/0x30 [ 16.366975] </TASK> [ 16.366985] [ 16.374464] Allocated by task 303: [ 16.374653] kasan_save_stack+0x45/0x70 [ 16.374856] kasan_save_track+0x18/0x40 [ 16.375082] kasan_save_alloc_info+0x3b/0x50 [ 16.375320] __kasan_kmalloc+0xb7/0xc0 [ 16.375506] __kmalloc_noprof+0x1c9/0x500 [ 16.375689] kunit_kmalloc_array+0x25/0x60 [ 16.375952] copy_user_test_oob+0xab/0x10f0 [ 16.376131] kunit_try_run_case+0x1a5/0x480 [ 16.376302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.376578] kthread+0x337/0x6f0 [ 16.376746] ret_from_fork+0x116/0x1d0 [ 16.376917] ret_from_fork_asm+0x1a/0x30 [ 16.377271] [ 16.377349] The buggy address belongs to the object at ffff888102ad4e00 [ 16.377349] which belongs to the cache kmalloc-128 of size 128 [ 16.377881] The buggy address is located 0 bytes inside of [ 16.377881] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78) [ 16.378248] [ 16.378322] The buggy address belongs to the physical page: [ 16.378496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 16.378875] flags: 0x200000000000000(node=0|zone=2) [ 16.379121] page_type: f5(slab) [ 16.379299] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.379640] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.380152] page dumped because: kasan: bad access detected [ 16.380325] [ 16.380395] Memory state around the buggy address: [ 16.380550] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.380810] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.381172] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.381528] ^ [ 16.382072] ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382422] ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.382688] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.328647] ================================================================== [ 16.330010] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.330819] Write of size 121 at addr ffff888102ad4e00 by task kunit_try_catch/303 [ 16.331172] [ 16.331291] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.331343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.331356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.331381] Call Trace: [ 16.331394] <TASK> [ 16.331415] dump_stack_lvl+0x73/0xb0 [ 16.331447] print_report+0xd1/0x610 [ 16.331472] ? __virt_addr_valid+0x1db/0x2d0 [ 16.331497] ? _copy_from_user+0x32/0x90 [ 16.331516] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.331539] ? _copy_from_user+0x32/0x90 [ 16.331559] kasan_report+0x141/0x180 [ 16.331581] ? _copy_from_user+0x32/0x90 [ 16.331605] kasan_check_range+0x10c/0x1c0 [ 16.331629] __kasan_check_write+0x18/0x20 [ 16.331648] _copy_from_user+0x32/0x90 [ 16.331668] copy_user_test_oob+0x2be/0x10f0 [ 16.331942] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.331967] ? finish_task_switch.isra.0+0x153/0x700 [ 16.332024] ? __switch_to+0x47/0xf50 [ 16.332053] ? __schedule+0x10cc/0x2b60 [ 16.332077] ? __pfx_read_tsc+0x10/0x10 [ 16.332099] ? ktime_get_ts64+0x86/0x230 [ 16.332123] kunit_try_run_case+0x1a5/0x480 [ 16.332147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.332169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.332193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.332216] ? __kthread_parkme+0x82/0x180 [ 16.332238] ? preempt_count_sub+0x50/0x80 [ 16.332261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.332284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.332308] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.332331] kthread+0x337/0x6f0 [ 16.332351] ? trace_preempt_on+0x20/0xc0 [ 16.332376] ? __pfx_kthread+0x10/0x10 [ 16.332397] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.332418] ? calculate_sigpending+0x7b/0xa0 [ 16.332442] ? 
__pfx_kthread+0x10/0x10 [ 16.332464] ret_from_fork+0x116/0x1d0 [ 16.332484] ? __pfx_kthread+0x10/0x10 [ 16.332504] ret_from_fork_asm+0x1a/0x30 [ 16.332535] </TASK> [ 16.332548] [ 16.345993] Allocated by task 303: [ 16.346172] kasan_save_stack+0x45/0x70 [ 16.346738] kasan_save_track+0x18/0x40 [ 16.347125] kasan_save_alloc_info+0x3b/0x50 [ 16.347334] __kasan_kmalloc+0xb7/0xc0 [ 16.347845] __kmalloc_noprof+0x1c9/0x500 [ 16.348607] kunit_kmalloc_array+0x25/0x60 [ 16.348884] copy_user_test_oob+0xab/0x10f0 [ 16.349097] kunit_try_run_case+0x1a5/0x480 [ 16.349290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.349899] kthread+0x337/0x6f0 [ 16.350084] ret_from_fork+0x116/0x1d0 [ 16.350253] ret_from_fork_asm+0x1a/0x30 [ 16.350870] [ 16.351042] The buggy address belongs to the object at ffff888102ad4e00 [ 16.351042] which belongs to the cache kmalloc-128 of size 128 [ 16.351902] The buggy address is located 0 bytes inside of [ 16.351902] allocated 120-byte region [ffff888102ad4e00, ffff888102ad4e78) [ 16.353080] [ 16.353617] The buggy address belongs to the physical page: [ 16.353953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 16.354291] flags: 0x200000000000000(node=0|zone=2) [ 16.355031] page_type: f5(slab) [ 16.355293] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.355940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.356659] page dumped because: kasan: bad access detected [ 16.356921] [ 16.357016] Memory state around the buggy address: [ 16.357225] ffff888102ad4d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.358087] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.358536] >ffff888102ad4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.359177] ^ [ 16.359838] ffff888102ad4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360331] ffff888102ad4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.361166] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.285257] ==================================================================
[ 16.286395] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 16.286703] Write of size 8 at addr ffff888102ad4d78 by task kunit_try_catch/299
[ 16.287396]
[ 16.287648] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.287811] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.287825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.287862] Call Trace:
[ 16.287875] <TASK>
[ 16.287930] dump_stack_lvl+0x73/0xb0
[ 16.287963] print_report+0xd1/0x610
[ 16.287985] ? __virt_addr_valid+0x1db/0x2d0
[ 16.288008] ? copy_to_kernel_nofault+0x99/0x260
[ 16.288032] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.288054] ? copy_to_kernel_nofault+0x99/0x260
[ 16.288078] kasan_report+0x141/0x180
[ 16.288100] ? copy_to_kernel_nofault+0x99/0x260
[ 16.288128] kasan_check_range+0x10c/0x1c0
[ 16.288153] __kasan_check_write+0x18/0x20
[ 16.288172] copy_to_kernel_nofault+0x99/0x260
[ 16.288196] copy_to_kernel_nofault_oob+0x288/0x560
[ 16.288220] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.288243] ? finish_task_switch.isra.0+0x153/0x700
[ 16.288265] ? __schedule+0x10cc/0x2b60
[ 16.288286] ? trace_hardirqs_on+0x37/0xe0
[ 16.288316] ? __pfx_read_tsc+0x10/0x10
[ 16.288338] ? ktime_get_ts64+0x86/0x230
[ 16.288372] kunit_try_run_case+0x1a5/0x480
[ 16.288395] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.288418] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.288441] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.288464] ? __kthread_parkme+0x82/0x180
[ 16.288483] ? preempt_count_sub+0x50/0x80
[ 16.288505] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.288530] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.288554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.288577] kthread+0x337/0x6f0
[ 16.288596] ? trace_preempt_on+0x20/0xc0
[ 16.288618] ? __pfx_kthread+0x10/0x10
[ 16.288639] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.288660] ? calculate_sigpending+0x7b/0xa0
[ 16.288694] ? __pfx_kthread+0x10/0x10
[ 16.288715] ret_from_fork+0x116/0x1d0
[ 16.288735] ? __pfx_kthread+0x10/0x10
[ 16.288755] ret_from_fork_asm+0x1a/0x30
[ 16.288786] </TASK>
[ 16.288796]
[ 16.303017] Allocated by task 299:
[ 16.303202] kasan_save_stack+0x45/0x70
[ 16.303397] kasan_save_track+0x18/0x40
[ 16.304047] kasan_save_alloc_info+0x3b/0x50
[ 16.304323] __kasan_kmalloc+0xb7/0xc0
[ 16.304751] __kmalloc_cache_noprof+0x189/0x420
[ 16.304988] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.305192] kunit_try_run_case+0x1a5/0x480
[ 16.305598] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.306135] kthread+0x337/0x6f0
[ 16.306312] ret_from_fork+0x116/0x1d0
[ 16.306678] ret_from_fork_asm+0x1a/0x30
[ 16.307019]
[ 16.307120] The buggy address belongs to the object at ffff888102ad4d00
[ 16.307120] which belongs to the cache kmalloc-128 of size 128
[ 16.308141] The buggy address is located 0 bytes to the right of
[ 16.308141] allocated 120-byte region [ffff888102ad4d00, ffff888102ad4d78)
[ 16.309147]
[ 16.309244] The buggy address belongs to the physical page:
[ 16.309779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 16.310137] flags: 0x200000000000000(node=0|zone=2)
[ 16.310351] page_type: f5(slab)
[ 16.310609] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.311326] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.311936] page dumped because: kasan: bad access detected
[ 16.312420]
[ 16.312672] Memory state around the buggy address:
[ 16.313019] ffff888102ad4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.313297] ffff888102ad4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.314051] >ffff888102ad4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.314547] ^
[ 16.314983] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.315280] ffff888102ad4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.315901] ==================================================================
[ 16.253127] ==================================================================
[ 16.253881] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 16.254523] Read of size 8 at addr ffff888102ad4d78 by task kunit_try_catch/299
[ 16.255272]
[ 16.255562] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.255618] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.255760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.255786] Call Trace:
[ 16.255801] <TASK>
[ 16.255819] dump_stack_lvl+0x73/0xb0
[ 16.255854] print_report+0xd1/0x610
[ 16.255879] ? __virt_addr_valid+0x1db/0x2d0
[ 16.255915] ? copy_to_kernel_nofault+0x225/0x260
[ 16.255939] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.255961] ? copy_to_kernel_nofault+0x225/0x260
[ 16.255986] kasan_report+0x141/0x180
[ 16.256008] ? copy_to_kernel_nofault+0x225/0x260
[ 16.256036] __asan_report_load8_noabort+0x18/0x20
[ 16.256062] copy_to_kernel_nofault+0x225/0x260
[ 16.256087] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 16.256111] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 16.256134] ? finish_task_switch.isra.0+0x153/0x700
[ 16.256158] ? __schedule+0x10cc/0x2b60
[ 16.256180] ? trace_hardirqs_on+0x37/0xe0
[ 16.256212] ? __pfx_read_tsc+0x10/0x10
[ 16.256234] ? ktime_get_ts64+0x86/0x230
[ 16.256259] kunit_try_run_case+0x1a5/0x480
[ 16.256285] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.256308] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.256332] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.256355] ? __kthread_parkme+0x82/0x180
[ 16.256376] ? preempt_count_sub+0x50/0x80
[ 16.256399] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.256423] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.256447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.256471] kthread+0x337/0x6f0
[ 16.256491] ? trace_preempt_on+0x20/0xc0
[ 16.256513] ? __pfx_kthread+0x10/0x10
[ 16.256534] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.256555] ? calculate_sigpending+0x7b/0xa0
[ 16.256580] ? __pfx_kthread+0x10/0x10
[ 16.256601] ret_from_fork+0x116/0x1d0
[ 16.256620] ? __pfx_kthread+0x10/0x10
[ 16.256641] ret_from_fork_asm+0x1a/0x30
[ 16.256672] </TASK>
[ 16.256684]
[ 16.269803] Allocated by task 299:
[ 16.270203] kasan_save_stack+0x45/0x70
[ 16.270625] kasan_save_track+0x18/0x40
[ 16.271134] kasan_save_alloc_info+0x3b/0x50
[ 16.271515] __kasan_kmalloc+0xb7/0xc0
[ 16.271901] __kmalloc_cache_noprof+0x189/0x420
[ 16.272294] copy_to_kernel_nofault_oob+0x12f/0x560
[ 16.272996] kunit_try_run_case+0x1a5/0x480
[ 16.273217] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.273717] kthread+0x337/0x6f0
[ 16.274095] ret_from_fork+0x116/0x1d0
[ 16.274541] ret_from_fork_asm+0x1a/0x30
[ 16.274927]
[ 16.275238] The buggy address belongs to the object at ffff888102ad4d00
[ 16.275238] which belongs to the cache kmalloc-128 of size 128
[ 16.275939] The buggy address is located 0 bytes to the right of
[ 16.275939] allocated 120-byte region [ffff888102ad4d00, ffff888102ad4d78)
[ 16.276775]
[ 16.277189] The buggy address belongs to the physical page:
[ 16.277784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 16.278507] flags: 0x200000000000000(node=0|zone=2)
[ 16.278950] page_type: f5(slab)
[ 16.279353] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.280057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.280680] page dumped because: kasan: bad access detected
[ 16.280937]
[ 16.281029] Memory state around the buggy address:
[ 16.281237] ffff888102ad4c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.281880] ffff888102ad4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.282516] >ffff888102ad4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.283214] ^
[ 16.283768] ffff888102ad4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.284062] ffff888102ad4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.284343] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.910369] ==================================================================
[ 14.910975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450
[ 14.911329] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 14.911641]
[ 14.911834] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.911879] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.911891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.911924] Call Trace:
[ 14.911939] <TASK>
[ 14.911953] dump_stack_lvl+0x73/0xb0
[ 14.911980] print_report+0xd1/0x610
[ 14.912002] ? __virt_addr_valid+0x1db/0x2d0
[ 14.912026] ? kasan_atomics_helper+0x4b3a/0x5450
[ 14.912047] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.912069] ? kasan_atomics_helper+0x4b3a/0x5450
[ 14.912090] kasan_report+0x141/0x180
[ 14.912113] ? kasan_atomics_helper+0x4b3a/0x5450
[ 14.912139] __asan_report_store4_noabort+0x1b/0x30
[ 14.912164] kasan_atomics_helper+0x4b3a/0x5450
[ 14.912186] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.912208] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.912232] ? trace_hardirqs_on+0x37/0xe0
[ 14.912254] ? kasan_atomics+0x152/0x310
[ 14.912280] kasan_atomics+0x1dc/0x310
[ 14.912303] ? __pfx_kasan_atomics+0x10/0x10
[ 14.912326] ? __pfx_kasan_atomics+0x10/0x10
[ 14.912391] kunit_try_run_case+0x1a5/0x480
[ 14.912420] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.912444] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.912467] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.912490] ? __kthread_parkme+0x82/0x180
[ 14.912511] ? preempt_count_sub+0x50/0x80
[ 14.912534] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.912558] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.912581] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.912605] kthread+0x337/0x6f0
[ 14.912624] ? trace_preempt_on+0x20/0xc0
[ 14.912646] ? __pfx_kthread+0x10/0x10
[ 14.912666] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.912694] ? calculate_sigpending+0x7b/0xa0
[ 14.912718] ? __pfx_kthread+0x10/0x10
[ 14.912739] ret_from_fork+0x116/0x1d0
[ 14.912758] ? __pfx_kthread+0x10/0x10
[ 14.912778] ret_from_fork_asm+0x1a/0x30
[ 14.912810] </TASK>
[ 14.912820]
[ 14.923504] Allocated by task 283:
[ 14.923682] kasan_save_stack+0x45/0x70
[ 14.923874] kasan_save_track+0x18/0x40
[ 14.924062] kasan_save_alloc_info+0x3b/0x50
[ 14.924258] __kasan_kmalloc+0xb7/0xc0
[ 14.924798] __kmalloc_cache_noprof+0x189/0x420
[ 14.925029] kasan_atomics+0x95/0x310
[ 14.925204] kunit_try_run_case+0x1a5/0x480
[ 14.925756] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.926233] kthread+0x337/0x6f0
[ 14.926599] ret_from_fork+0x116/0x1d0
[ 14.926799] ret_from_fork_asm+0x1a/0x30
[ 14.926985]
[ 14.927084] The buggy address belongs to the object at ffff888102744f80
[ 14.927084] which belongs to the cache kmalloc-64 of size 64
[ 14.928284] The buggy address is located 0 bytes to the right of
[ 14.928284] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 14.929165]
[ 14.929261] The buggy address belongs to the physical page:
[ 14.929564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 14.930653] flags: 0x200000000000000(node=0|zone=2)
[ 14.931099] page_type: f5(slab)
[ 14.931261] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.932075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.932668] page dumped because: kasan: bad access detected
[ 14.933061]
[ 14.933331] Memory state around the buggy address:
[ 14.933847] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.934181] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.934797] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.935325] ^
[ 14.935756] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.936070] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.936345] ==================================================================
[ 15.509227] ==================================================================
[ 15.509619] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450
[ 15.510038] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.510297]
[ 15.510402] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.510444] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.510456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.510477] Call Trace:
[ 15.510489] <TASK>
[ 15.510503] dump_stack_lvl+0x73/0xb0
[ 15.510530] print_report+0xd1/0x610
[ 15.510551] ? __virt_addr_valid+0x1db/0x2d0
[ 15.510573] ? kasan_atomics_helper+0x49e8/0x5450
[ 15.510595] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.510617] ? kasan_atomics_helper+0x49e8/0x5450
[ 15.510638] kasan_report+0x141/0x180
[ 15.510660] ? kasan_atomics_helper+0x49e8/0x5450
[ 15.510686] __asan_report_load4_noabort+0x18/0x20
[ 15.510711] kasan_atomics_helper+0x49e8/0x5450
[ 15.510734] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.510756] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.510781] ? trace_hardirqs_on+0x37/0xe0
[ 15.510802] ? kasan_atomics+0x152/0x310
[ 15.510829] kasan_atomics+0x1dc/0x310
[ 15.510852] ? __pfx_kasan_atomics+0x10/0x10
[ 15.510875] ? __pfx_kasan_atomics+0x10/0x10
[ 15.510902] kunit_try_run_case+0x1a5/0x480
[ 15.510937] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.510960] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.510982] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.511005] ? __kthread_parkme+0x82/0x180
[ 15.511025] ? preempt_count_sub+0x50/0x80
[ 15.511053] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.511076] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.511099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.511123] kthread+0x337/0x6f0
[ 15.511142] ? trace_preempt_on+0x20/0xc0
[ 15.511163] ? __pfx_kthread+0x10/0x10
[ 15.511184] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.511206] ? calculate_sigpending+0x7b/0xa0
[ 15.511229] ? __pfx_kthread+0x10/0x10
[ 15.511251] ret_from_fork+0x116/0x1d0
[ 15.511270] ? __pfx_kthread+0x10/0x10
[ 15.511291] ret_from_fork_asm+0x1a/0x30
[ 15.511322] </TASK>
[ 15.511332]
[ 15.518963] Allocated by task 283:
[ 15.519144] kasan_save_stack+0x45/0x70
[ 15.519343] kasan_save_track+0x18/0x40
[ 15.519515] kasan_save_alloc_info+0x3b/0x50
[ 15.519692] __kasan_kmalloc+0xb7/0xc0
[ 15.519875] __kmalloc_cache_noprof+0x189/0x420
[ 15.520064] kasan_atomics+0x95/0x310
[ 15.520245] kunit_try_run_case+0x1a5/0x480
[ 15.520418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.520652] kthread+0x337/0x6f0
[ 15.520809] ret_from_fork+0x116/0x1d0
[ 15.520993] ret_from_fork_asm+0x1a/0x30
[ 15.521151]
[ 15.521221] The buggy address belongs to the object at ffff888102744f80
[ 15.521221] which belongs to the cache kmalloc-64 of size 64
[ 15.521575] The buggy address is located 0 bytes to the right of
[ 15.521575] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.521968]
[ 15.522125] The buggy address belongs to the physical page:
[ 15.522378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.522724] flags: 0x200000000000000(node=0|zone=2)
[ 15.522966] page_type: f5(slab)
[ 15.523284] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.523575] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.524040] page dumped because: kasan: bad access detected
[ 15.524265]
[ 15.524360] Memory state around the buggy address:
[ 15.524522] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.524738] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.525080] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.525406] ^
[ 15.525633] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.525961] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.526334] ==================================================================
[ 16.066829] ==================================================================
[ 16.067179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450
[ 16.067711] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 16.068011]
[ 16.068130] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 16.068414] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.068433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.068456] Call Trace:
[ 16.068472] <TASK>
[ 16.068487] dump_stack_lvl+0x73/0xb0
[ 16.068517] print_report+0xd1/0x610
[ 16.068539] ? __virt_addr_valid+0x1db/0x2d0
[ 16.068562] ? kasan_atomics_helper+0x2006/0x5450
[ 16.068587] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.068610] ? kasan_atomics_helper+0x2006/0x5450
[ 16.068634] kasan_report+0x141/0x180
[ 16.068657] ? kasan_atomics_helper+0x2006/0x5450
[ 16.068683] kasan_check_range+0x10c/0x1c0
[ 16.068708] __kasan_check_write+0x18/0x20
[ 16.068727] kasan_atomics_helper+0x2006/0x5450
[ 16.068750] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.068773] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.068797] ? trace_hardirqs_on+0x37/0xe0
[ 16.068819] ? kasan_atomics+0x152/0x310
[ 16.068846] kasan_atomics+0x1dc/0x310
[ 16.068869] ? __pfx_kasan_atomics+0x10/0x10
[ 16.068892] ? __pfx_kasan_atomics+0x10/0x10
[ 16.068944] kunit_try_run_case+0x1a5/0x480
[ 16.068967] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.068991] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.069015] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.069038] ? __kthread_parkme+0x82/0x180
[ 16.069059] ? preempt_count_sub+0x50/0x80
[ 16.069082] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.069106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.069128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.069152] kthread+0x337/0x6f0
[ 16.069172] ? trace_preempt_on+0x20/0xc0
[ 16.069193] ? __pfx_kthread+0x10/0x10
[ 16.069214] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.069236] ? calculate_sigpending+0x7b/0xa0
[ 16.069259] ? __pfx_kthread+0x10/0x10
[ 16.069280] ret_from_fork+0x116/0x1d0
[ 16.069298] ? __pfx_kthread+0x10/0x10
[ 16.069318] ret_from_fork_asm+0x1a/0x30
[ 16.069349] </TASK>
[ 16.069360]
[ 16.077354] Allocated by task 283:
[ 16.077537] kasan_save_stack+0x45/0x70
[ 16.078346] kasan_save_track+0x18/0x40
[ 16.078561] kasan_save_alloc_info+0x3b/0x50
[ 16.079330] __kasan_kmalloc+0xb7/0xc0
[ 16.079517] __kmalloc_cache_noprof+0x189/0x420
[ 16.079788] kasan_atomics+0x95/0x310
[ 16.080016] kunit_try_run_case+0x1a5/0x480
[ 16.080458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.080808] kthread+0x337/0x6f0
[ 16.080960] ret_from_fork+0x116/0x1d0
[ 16.081182] ret_from_fork_asm+0x1a/0x30
[ 16.081550]
[ 16.081673] The buggy address belongs to the object at ffff888102744f80
[ 16.081673] which belongs to the cache kmalloc-64 of size 64
[ 16.082324] The buggy address is located 0 bytes to the right of
[ 16.082324] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 16.083205]
[ 16.083300] The buggy address belongs to the physical page:
[ 16.083680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 16.084081] flags: 0x200000000000000(node=0|zone=2)
[ 16.084426] page_type: f5(slab)
[ 16.084693] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 16.085071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 16.085526] page dumped because: kasan: bad access detected
[ 16.085894]
[ 16.086010] Memory state around the buggy address:
[ 16.086334] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.086634] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 16.087225] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 16.087611] ^
[ 16.087964] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.088252] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.088569] ==================================================================
[ 14.889501] ==================================================================
[ 14.890155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450
[ 14.890864] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 14.891118]
[ 14.891206] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.891250] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.891263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.891285] Call Trace:
[ 14.891300] <TASK>
[ 14.891315] dump_stack_lvl+0x73/0xb0
[ 14.891343] print_report+0xd1/0x610
[ 14.891375] ? __virt_addr_valid+0x1db/0x2d0
[ 14.891398] ? kasan_atomics_helper+0x4a0/0x5450
[ 14.891419] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.891441] ? kasan_atomics_helper+0x4a0/0x5450
[ 14.891462] kasan_report+0x141/0x180
[ 14.891485] ? kasan_atomics_helper+0x4a0/0x5450
[ 14.891510] kasan_check_range+0x10c/0x1c0
[ 14.891535] __kasan_check_write+0x18/0x20
[ 14.891555] kasan_atomics_helper+0x4a0/0x5450
[ 14.891577] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.891599] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.891625] ? trace_hardirqs_on+0x37/0xe0
[ 14.891648] ? kasan_atomics+0x152/0x310
[ 14.891676] kasan_atomics+0x1dc/0x310
[ 14.891887] ? __pfx_kasan_atomics+0x10/0x10
[ 14.891925] ? __pfx_kasan_atomics+0x10/0x10
[ 14.891952] kunit_try_run_case+0x1a5/0x480
[ 14.891977] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.891999] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.892023] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.892047] ? __kthread_parkme+0x82/0x180
[ 14.892067] ? preempt_count_sub+0x50/0x80
[ 14.892090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.892114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.892138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.892161] kthread+0x337/0x6f0
[ 14.892181] ? trace_preempt_on+0x20/0xc0
[ 14.892202] ? __pfx_kthread+0x10/0x10
[ 14.892223] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.892244] ? calculate_sigpending+0x7b/0xa0
[ 14.892268] ? __pfx_kthread+0x10/0x10
[ 14.892289] ret_from_fork+0x116/0x1d0
[ 14.892308] ? __pfx_kthread+0x10/0x10
[ 14.892329] ret_from_fork_asm+0x1a/0x30
[ 14.892411] </TASK>
[ 14.892424]
[ 14.902134] Allocated by task 283:
[ 14.902302] kasan_save_stack+0x45/0x70
[ 14.902608] kasan_save_track+0x18/0x40
[ 14.902807] kasan_save_alloc_info+0x3b/0x50
[ 14.902972] __kasan_kmalloc+0xb7/0xc0
[ 14.903159] __kmalloc_cache_noprof+0x189/0x420
[ 14.903463] kasan_atomics+0x95/0x310
[ 14.903663] kunit_try_run_case+0x1a5/0x480
[ 14.903886] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.904154] kthread+0x337/0x6f0
[ 14.904318] ret_from_fork+0x116/0x1d0
[ 14.904579] ret_from_fork_asm+0x1a/0x30
[ 14.904765]
[ 14.904854] The buggy address belongs to the object at ffff888102744f80
[ 14.904854] which belongs to the cache kmalloc-64 of size 64
[ 14.905316] The buggy address is located 0 bytes to the right of
[ 14.905316] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 14.905849]
[ 14.905958] The buggy address belongs to the physical page:
[ 14.906133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 14.906450] flags: 0x200000000000000(node=0|zone=2)
[ 14.906683] page_type: f5(slab)
[ 14.906812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.907301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.907597] page dumped because: kasan: bad access detected
[ 14.907822]
[ 14.907936] Memory state around the buggy address:
[ 14.908151] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.908408] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.908734] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.909005] ^
[ 14.909236] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.909466] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.909681] ==================================================================
[ 15.112048] ==================================================================
[ 15.112673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450
[ 15.113234] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.113965]
[ 15.114103] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.114148] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.114161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.114183] Call Trace:
[ 15.114198] <TASK>
[ 15.114213] dump_stack_lvl+0x73/0xb0
[ 15.114241] print_report+0xd1/0x610
[ 15.114264] ? __virt_addr_valid+0x1db/0x2d0
[ 15.114285] ? kasan_atomics_helper+0x8f9/0x5450
[ 15.114306] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.114329] ? kasan_atomics_helper+0x8f9/0x5450
[ 15.114351] kasan_report+0x141/0x180
[ 15.114373] ? kasan_atomics_helper+0x8f9/0x5450
[ 15.114399] kasan_check_range+0x10c/0x1c0
[ 15.114423] __kasan_check_write+0x18/0x20
[ 15.114442] kasan_atomics_helper+0x8f9/0x5450
[ 15.114464] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.114486] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.114511] ? trace_hardirqs_on+0x37/0xe0
[ 15.114532] ? kasan_atomics+0x152/0x310
[ 15.114559] kasan_atomics+0x1dc/0x310
[ 15.114583] ? __pfx_kasan_atomics+0x10/0x10
[ 15.114609] ? __pfx_kasan_atomics+0x10/0x10
[ 15.114637] kunit_try_run_case+0x1a5/0x480
[ 15.114661] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.114684] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.114708] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.114731] ? __kthread_parkme+0x82/0x180
[ 15.114752] ? preempt_count_sub+0x50/0x80
[ 15.114775] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.114799] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.114822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.114849] kthread+0x337/0x6f0
[ 15.114870] ? trace_preempt_on+0x20/0xc0
[ 15.114893] ? __pfx_kthread+0x10/0x10
[ 15.114927] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.114948] ? calculate_sigpending+0x7b/0xa0
[ 15.114971] ? __pfx_kthread+0x10/0x10
[ 15.114994] ret_from_fork+0x116/0x1d0
[ 15.115013] ? __pfx_kthread+0x10/0x10
[ 15.115034] ret_from_fork_asm+0x1a/0x30
[ 15.115072] </TASK>
[ 15.115083]
[ 15.127246] Allocated by task 283:
[ 15.127774] kasan_save_stack+0x45/0x70
[ 15.127994] kasan_save_track+0x18/0x40
[ 15.128385] kasan_save_alloc_info+0x3b/0x50
[ 15.128640] __kasan_kmalloc+0xb7/0xc0
[ 15.129086] __kmalloc_cache_noprof+0x189/0x420
[ 15.129316] kasan_atomics+0x95/0x310
[ 15.129675] kunit_try_run_case+0x1a5/0x480
[ 15.130082] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.130330] kthread+0x337/0x6f0
[ 15.130780] ret_from_fork+0x116/0x1d0
[ 15.130997] ret_from_fork_asm+0x1a/0x30
[ 15.131193]
[ 15.131286] The buggy address belongs to the object at ffff888102744f80
[ 15.131286] which belongs to the cache kmalloc-64 of size 64
[ 15.132353] The buggy address is located 0 bytes to the right of
[ 15.132353] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.133315]
[ 15.133440] The buggy address belongs to the physical page:
[ 15.133918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.134570] flags: 0x200000000000000(node=0|zone=2)
[ 15.135028] page_type: f5(slab)
[ 15.135208] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.135763] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.136310] page dumped because: kasan: bad access detected
[ 15.136686]
[ 15.136796] Memory state around the buggy address:
[ 15.137214] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.137742] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.138201] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.138717] ^
[ 15.139184] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.139698] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.140153] ==================================================================
[ 15.569993] ==================================================================
[ 15.570644] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450
[ 15.571075] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.571733]
[ 15.572016] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.572063] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.572075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.572217] Call Trace:
[ 15.572234] <TASK>
[ 15.572249] dump_stack_lvl+0x73/0xb0
[ 15.572280] print_report+0xd1/0x610
[ 15.572302] ? __virt_addr_valid+0x1db/0x2d0
[ 15.572325] ? kasan_atomics_helper+0x13b5/0x5450
[ 15.572346] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.572368] ? kasan_atomics_helper+0x13b5/0x5450
[ 15.572391] kasan_report+0x141/0x180
[ 15.572413] ? kasan_atomics_helper+0x13b5/0x5450
[ 15.572438] kasan_check_range+0x10c/0x1c0
[ 15.572462] __kasan_check_read+0x15/0x20
[ 15.572481] kasan_atomics_helper+0x13b5/0x5450
[ 15.572504] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.572525] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.572549] ? trace_hardirqs_on+0x37/0xe0
[ 15.572571] ? kasan_atomics+0x152/0x310
[ 15.572598] kasan_atomics+0x1dc/0x310
[ 15.572620] ? __pfx_kasan_atomics+0x10/0x10
[ 15.572644] ? __pfx_kasan_atomics+0x10/0x10
[ 15.572670] kunit_try_run_case+0x1a5/0x480
[ 15.572706] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.572728] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.572752] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.572775] ? __kthread_parkme+0x82/0x180
[ 15.572796] ? preempt_count_sub+0x50/0x80
[ 15.572819] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.572843] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.572865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.572889] kthread+0x337/0x6f0
[ 15.572920] ? trace_preempt_on+0x20/0xc0
[ 15.572943] ? __pfx_kthread+0x10/0x10
[ 15.572963] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.572985] ? calculate_sigpending+0x7b/0xa0
[ 15.573008] ? __pfx_kthread+0x10/0x10
[ 15.573029] ret_from_fork+0x116/0x1d0
[ 15.573048] ? __pfx_kthread+0x10/0x10
[ 15.573069] ret_from_fork_asm+0x1a/0x30
[ 15.573100] </TASK>
[ 15.573111]
[ 15.582522] Allocated by task 283:
[ 15.582709] kasan_save_stack+0x45/0x70
[ 15.583261] kasan_save_track+0x18/0x40
[ 15.583459] kasan_save_alloc_info+0x3b/0x50
[ 15.583818] __kasan_kmalloc+0xb7/0xc0
[ 15.584021] __kmalloc_cache_noprof+0x189/0x420
[ 15.584315] kasan_atomics+0x95/0x310
[ 15.584609] kunit_try_run_case+0x1a5/0x480
[ 15.584804] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.585128] kthread+0x337/0x6f0
[ 15.585293] ret_from_fork+0x116/0x1d0
[ 15.585466] ret_from_fork_asm+0x1a/0x30
[ 15.585650]
[ 15.585989] The buggy address belongs to the object at ffff888102744f80
[ 15.585989] which belongs to the cache kmalloc-64 of size 64
[ 15.586495] The buggy address is located 0 bytes to the right of
[ 15.586495] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.587334]
[ 15.587563] The buggy address belongs to the physical page:
[ 15.587888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.588304] flags: 0x200000000000000(node=0|zone=2)
[ 15.588491] page_type: f5(slab)
[ 15.588664] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.589257] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.589606] page dumped because: kasan: bad access detected
[ 15.589812]
[ 15.589922] Memory state around the buggy address:
[ 15.590238] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.590660] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.591063] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.591413] ^
[ 15.591629] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.592119] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.592494] ==================================================================
[ 15.847398] ==================================================================
[ 15.847768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450
[ 15.848159] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.848517]
[ 15.848616] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.848657] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.848689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.848710] Call Trace:
[ 15.848723] <TASK>
[ 15.848736] dump_stack_lvl+0x73/0xb0
[ 15.848763] print_report+0xd1/0x610
[ 15.848784] ? __virt_addr_valid+0x1db/0x2d0
[ 15.848807] ? kasan_atomics_helper+0x1a7f/0x5450
[ 15.848827] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.848850] ? kasan_atomics_helper+0x1a7f/0x5450
[ 15.848871] kasan_report+0x141/0x180
[ 15.848894] ? kasan_atomics_helper+0x1a7f/0x5450
[ 15.848928] kasan_check_range+0x10c/0x1c0
[ 15.848952] __kasan_check_write+0x18/0x20
[ 15.848970] kasan_atomics_helper+0x1a7f/0x5450
[ 15.848993] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.849015] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.849039] ? trace_hardirqs_on+0x37/0xe0
[ 15.849060] ? kasan_atomics+0x152/0x310
[ 15.849086] kasan_atomics+0x1dc/0x310
[ 15.849108] ? __pfx_kasan_atomics+0x10/0x10
[ 15.849132] ? __pfx_kasan_atomics+0x10/0x10
[ 15.849158] kunit_try_run_case+0x1a5/0x480
[ 15.849182] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.849205] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.849228] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.849252] ? __kthread_parkme+0x82/0x180
[ 15.849271] ? preempt_count_sub+0x50/0x80
[ 15.849293] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.849317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.849342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.849366] kthread+0x337/0x6f0
[ 15.849386] ? trace_preempt_on+0x20/0xc0
[ 15.849407] ? __pfx_kthread+0x10/0x10
[ 15.849428] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.849450] ? calculate_sigpending+0x7b/0xa0
[ 15.849473] ? __pfx_kthread+0x10/0x10
[ 15.849494] ret_from_fork+0x116/0x1d0
[ 15.849515] ? __pfx_kthread+0x10/0x10
[ 15.849535] ret_from_fork_asm+0x1a/0x30
[ 15.849567] </TASK>
[ 15.849577]
[ 15.856814] Allocated by task 283:
[ 15.856954] kasan_save_stack+0x45/0x70
[ 15.857099] kasan_save_track+0x18/0x40
[ 15.857235] kasan_save_alloc_info+0x3b/0x50
[ 15.857383] __kasan_kmalloc+0xb7/0xc0
[ 15.857571] __kmalloc_cache_noprof+0x189/0x420
[ 15.857817] kasan_atomics+0x95/0x310
[ 15.858016] kunit_try_run_case+0x1a5/0x480
[ 15.858224] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.858476] kthread+0x337/0x6f0
[ 15.858643] ret_from_fork+0x116/0x1d0
[ 15.858847] ret_from_fork_asm+0x1a/0x30
[ 15.859064]
[ 15.859159] The buggy address belongs to the object at ffff888102744f80
[ 15.859159] which belongs to the cache kmalloc-64 of size 64
[ 15.859679] The buggy address is located 0 bytes to the right of
[ 15.859679] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.860091]
[ 15.860165] The buggy address belongs to the physical page:
[ 15.860349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.860725] flags: 0x200000000000000(node=0|zone=2)
[ 15.860973] page_type: f5(slab)
[ 15.861145] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.861464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.861720] page dumped because: kasan: bad access detected
[ 15.861892]
[ 15.861970] Memory state around the buggy address:
[ 15.862128] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.862344] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.862654] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.862996] ^
[ 15.863229] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.863552] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.863890] ==================================================================
[ 15.593665] ==================================================================
[ 15.593995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450
[ 15.594440] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.594728]
[ 15.594853] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.594895] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.594919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.594992] Call Trace:
[ 15.595007] <TASK>
[ 15.595022] dump_stack_lvl+0x73/0xb0
[ 15.595058] print_report+0xd1/0x610
[ 15.595079] ? __virt_addr_valid+0x1db/0x2d0
[ 15.595102] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.595123] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.595145] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.595167] kasan_report+0x141/0x180
[ 15.595188] ? kasan_atomics_helper+0x4eae/0x5450
[ 15.595214] __asan_report_load8_noabort+0x18/0x20
[ 15.595238] kasan_atomics_helper+0x4eae/0x5450
[ 15.595260] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.595282] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.595306] ? trace_hardirqs_on+0x37/0xe0
[ 15.595328] ? kasan_atomics+0x152/0x310
[ 15.595355] kasan_atomics+0x1dc/0x310
[ 15.595377] ? __pfx_kasan_atomics+0x10/0x10
[ 15.595402] ? __pfx_kasan_atomics+0x10/0x10
[ 15.595429] kunit_try_run_case+0x1a5/0x480
[ 15.595453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.595476] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.595499] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.595522] ? __kthread_parkme+0x82/0x180
[ 15.595542] ? preempt_count_sub+0x50/0x80
[ 15.595566] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.595590] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.595613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.595637] kthread+0x337/0x6f0
[ 15.595656] ? trace_preempt_on+0x20/0xc0
[ 15.595679] ? __pfx_kthread+0x10/0x10
[ 15.595711] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.595732] ? calculate_sigpending+0x7b/0xa0
[ 15.595756] ? __pfx_kthread+0x10/0x10
[ 15.595777] ret_from_fork+0x116/0x1d0
[ 15.595796] ? __pfx_kthread+0x10/0x10
[ 15.595816] ret_from_fork_asm+0x1a/0x30
[ 15.595847] </TASK>
[ 15.595857]
[ 15.603176] Allocated by task 283:
[ 15.603334] kasan_save_stack+0x45/0x70
[ 15.603496] kasan_save_track+0x18/0x40
[ 15.603631] kasan_save_alloc_info+0x3b/0x50
[ 15.603780] __kasan_kmalloc+0xb7/0xc0
[ 15.603978] __kmalloc_cache_noprof+0x189/0x420
[ 15.604208] kasan_atomics+0x95/0x310
[ 15.604394] kunit_try_run_case+0x1a5/0x480
[ 15.604600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.604889] kthread+0x337/0x6f0
[ 15.605020] ret_from_fork+0x116/0x1d0
[ 15.605154] ret_from_fork_asm+0x1a/0x30
[ 15.605354]
[ 15.605447] The buggy address belongs to the object at ffff888102744f80
[ 15.605447] which belongs to the cache kmalloc-64 of size 64
[ 15.606136] The buggy address is located 0 bytes to the right of
[ 15.606136] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.606626]
[ 15.606745] The buggy address belongs to the physical page:
[ 15.606977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.607267] flags: 0x200000000000000(node=0|zone=2)
[ 15.607495] page_type: f5(slab)
[ 15.607670] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.607960] raw: 0000000000000000 0000000080200020 00000000f5000000
0000000000000000 [ 15.608262] page dumped because: kasan: bad access detected [ 15.608476] [ 15.608544] Memory state around the buggy address: [ 15.608700] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.608927] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.609144] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.609414] ^ [ 15.609634] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.610063] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.610277] ================================================================== [ 16.176444] ================================================================== [ 16.177002] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.177476] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.177945] [ 16.178055] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.178096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.178108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.178128] Call Trace: [ 16.178142] <TASK> [ 16.178155] dump_stack_lvl+0x73/0xb0 [ 16.178183] print_report+0xd1/0x610 [ 16.178205] ? __virt_addr_valid+0x1db/0x2d0 [ 16.178250] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.178272] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.178309] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.178345] kasan_report+0x141/0x180 [ 16.178380] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.178420] __asan_report_load8_noabort+0x18/0x20 [ 16.178458] kasan_atomics_helper+0x4fa5/0x5450 [ 16.178481] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.178516] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.178552] ? trace_hardirqs_on+0x37/0xe0 [ 16.178587] ? kasan_atomics+0x152/0x310 [ 16.178627] kasan_atomics+0x1dc/0x310 [ 16.178663] ? __pfx_kasan_atomics+0x10/0x10 [ 16.178697] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.178724] kunit_try_run_case+0x1a5/0x480 [ 16.178749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.178772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.178796] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.178820] ? __kthread_parkme+0x82/0x180 [ 16.178841] ? preempt_count_sub+0x50/0x80 [ 16.178864] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.178889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.178923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.178947] kthread+0x337/0x6f0 [ 16.178967] ? trace_preempt_on+0x20/0xc0 [ 16.178989] ? __pfx_kthread+0x10/0x10 [ 16.179010] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.179031] ? calculate_sigpending+0x7b/0xa0 [ 16.179058] ? __pfx_kthread+0x10/0x10 [ 16.179080] ret_from_fork+0x116/0x1d0 [ 16.179099] ? __pfx_kthread+0x10/0x10 [ 16.179120] ret_from_fork_asm+0x1a/0x30 [ 16.179150] </TASK> [ 16.179162] [ 16.186827] Allocated by task 283: [ 16.187039] kasan_save_stack+0x45/0x70 [ 16.187206] kasan_save_track+0x18/0x40 [ 16.187343] kasan_save_alloc_info+0x3b/0x50 [ 16.187498] __kasan_kmalloc+0xb7/0xc0 [ 16.187685] __kmalloc_cache_noprof+0x189/0x420 [ 16.187929] kasan_atomics+0x95/0x310 [ 16.188132] kunit_try_run_case+0x1a5/0x480 [ 16.188340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.188592] kthread+0x337/0x6f0 [ 16.188861] ret_from_fork+0x116/0x1d0 [ 16.189060] ret_from_fork_asm+0x1a/0x30 [ 16.189256] [ 16.189351] The buggy address belongs to the object at ffff888102744f80 [ 16.189351] which belongs to the cache kmalloc-64 of size 64 [ 16.189878] The buggy address is located 0 bytes to the right of [ 16.189878] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.190724] [ 16.190819] The buggy address belongs to the physical page: [ 16.191082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.191339] flags: 0x200000000000000(node=0|zone=2) [ 16.191503] page_type: f5(slab) [ 16.191623] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.192338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.192679] page dumped because: kasan: bad access detected [ 16.192966] [ 16.193061] Memory state around the buggy address: [ 16.193306] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.193605] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.193893] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.194220] ^ [ 16.194431] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.194744] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.195057] ================================================================== [ 15.282179] ================================================================== [ 15.282613] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.283019] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.283291] [ 15.283466] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.283510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.283523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.283544] Call Trace: [ 15.283560] <TASK> [ 15.283577] dump_stack_lvl+0x73/0xb0 [ 15.283605] print_report+0xd1/0x610 [ 15.283627] ? __virt_addr_valid+0x1db/0x2d0 [ 15.283650] ? kasan_atomics_helper+0xd47/0x5450 [ 15.283671] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.283693] ? kasan_atomics_helper+0xd47/0x5450 [ 15.283715] kasan_report+0x141/0x180 [ 15.283737] ? kasan_atomics_helper+0xd47/0x5450 [ 15.283763] kasan_check_range+0x10c/0x1c0 [ 15.283787] __kasan_check_write+0x18/0x20 [ 15.283806] kasan_atomics_helper+0xd47/0x5450 [ 15.283828] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.283850] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.283873] ? trace_hardirqs_on+0x37/0xe0 [ 15.283895] ? 
kasan_atomics+0x152/0x310 [ 15.283935] kasan_atomics+0x1dc/0x310 [ 15.283958] ? __pfx_kasan_atomics+0x10/0x10 [ 15.283981] ? __pfx_kasan_atomics+0x10/0x10 [ 15.284008] kunit_try_run_case+0x1a5/0x480 [ 15.284032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.284054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.284078] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.284101] ? __kthread_parkme+0x82/0x180 [ 15.284123] ? preempt_count_sub+0x50/0x80 [ 15.284146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.284170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.284193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.284216] kthread+0x337/0x6f0 [ 15.284236] ? trace_preempt_on+0x20/0xc0 [ 15.284258] ? __pfx_kthread+0x10/0x10 [ 15.284279] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.284300] ? calculate_sigpending+0x7b/0xa0 [ 15.284323] ? __pfx_kthread+0x10/0x10 [ 15.284345] ret_from_fork+0x116/0x1d0 [ 15.284381] ? __pfx_kthread+0x10/0x10 [ 15.284402] ret_from_fork_asm+0x1a/0x30 [ 15.284432] </TASK> [ 15.284442] [ 15.292501] Allocated by task 283: [ 15.292694] kasan_save_stack+0x45/0x70 [ 15.292886] kasan_save_track+0x18/0x40 [ 15.293039] kasan_save_alloc_info+0x3b/0x50 [ 15.293189] __kasan_kmalloc+0xb7/0xc0 [ 15.293332] __kmalloc_cache_noprof+0x189/0x420 [ 15.293571] kasan_atomics+0x95/0x310 [ 15.293769] kunit_try_run_case+0x1a5/0x480 [ 15.293991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.294222] kthread+0x337/0x6f0 [ 15.294344] ret_from_fork+0x116/0x1d0 [ 15.294498] ret_from_fork_asm+0x1a/0x30 [ 15.294879] [ 15.295002] The buggy address belongs to the object at ffff888102744f80 [ 15.295002] which belongs to the cache kmalloc-64 of size 64 [ 15.295598] The buggy address is located 0 bytes to the right of [ 15.295598] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.296100] [ 15.296202] The buggy address belongs to the physical page: [ 15.296453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.296693] flags: 
0x200000000000000(node=0|zone=2) [ 15.296853] page_type: f5(slab) [ 15.296982] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.297210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.297736] page dumped because: kasan: bad access detected [ 15.297996] [ 15.298089] Memory state around the buggy address: [ 15.298311] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.298625] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.299010] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.299229] ^ [ 15.299384] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.299615] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301042] ================================================================== [ 14.968014] ================================================================== [ 14.968767] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.969565] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.969843] [ 14.969945] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.969993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.970006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.970027] Call Trace: [ 14.970044] <TASK> [ 14.970060] dump_stack_lvl+0x73/0xb0 [ 14.970088] print_report+0xd1/0x610 [ 14.970111] ? __virt_addr_valid+0x1db/0x2d0 [ 14.970134] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.970155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.970178] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.970199] kasan_report+0x141/0x180 [ 14.970222] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.970249] kasan_check_range+0x10c/0x1c0 [ 14.970272] __kasan_check_write+0x18/0x20 [ 14.970292] kasan_atomics_helper+0x5fe/0x5450 [ 14.970314] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.970337] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.970360] ? trace_hardirqs_on+0x37/0xe0 [ 14.970382] ? kasan_atomics+0x152/0x310 [ 14.970409] kasan_atomics+0x1dc/0x310 [ 14.970431] ? __pfx_kasan_atomics+0x10/0x10 [ 14.970456] ? __pfx_kasan_atomics+0x10/0x10 [ 14.970482] kunit_try_run_case+0x1a5/0x480 [ 14.970506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.970529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.970553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.970575] ? __kthread_parkme+0x82/0x180 [ 14.970595] ? preempt_count_sub+0x50/0x80 [ 14.970619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.970643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.970666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.970689] kthread+0x337/0x6f0 [ 14.970708] ? trace_preempt_on+0x20/0xc0 [ 14.970731] ? __pfx_kthread+0x10/0x10 [ 14.970751] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.970773] ? calculate_sigpending+0x7b/0xa0 [ 14.970796] ? __pfx_kthread+0x10/0x10 [ 14.970817] ret_from_fork+0x116/0x1d0 [ 14.970836] ? 
__pfx_kthread+0x10/0x10 [ 14.970855] ret_from_fork_asm+0x1a/0x30 [ 14.970886] </TASK> [ 14.970897] [ 14.989173] Allocated by task 283: [ 14.989523] kasan_save_stack+0x45/0x70 [ 14.989852] kasan_save_track+0x18/0x40 [ 14.990068] kasan_save_alloc_info+0x3b/0x50 [ 14.990269] __kasan_kmalloc+0xb7/0xc0 [ 14.990703] __kmalloc_cache_noprof+0x189/0x420 [ 14.991151] kasan_atomics+0x95/0x310 [ 14.991629] kunit_try_run_case+0x1a5/0x480 [ 14.991923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.992165] kthread+0x337/0x6f0 [ 14.992316] ret_from_fork+0x116/0x1d0 [ 14.992779] ret_from_fork_asm+0x1a/0x30 [ 14.993111] [ 14.993338] The buggy address belongs to the object at ffff888102744f80 [ 14.993338] which belongs to the cache kmalloc-64 of size 64 [ 14.994069] The buggy address is located 0 bytes to the right of [ 14.994069] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.995196] [ 14.995298] The buggy address belongs to the physical page: [ 14.995784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 14.996458] flags: 0x200000000000000(node=0|zone=2) [ 14.996932] page_type: f5(slab) [ 14.997376] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.997939] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.998231] page dumped because: kasan: bad access detected [ 14.998647] [ 14.998901] Memory state around the buggy address: [ 14.999264] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.999872] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.000506] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.001160] ^ [ 15.001561] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.001981] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.002622] ================================================================== [ 15.731666] 
================================================================== [ 15.731987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.732221] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.732668] [ 15.732817] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.732862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.732875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.732897] Call Trace: [ 15.732918] <TASK> [ 15.732933] dump_stack_lvl+0x73/0xb0 [ 15.732959] print_report+0xd1/0x610 [ 15.732981] ? __virt_addr_valid+0x1db/0x2d0 [ 15.733003] ? kasan_atomics_helper+0x177f/0x5450 [ 15.733026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.733048] ? kasan_atomics_helper+0x177f/0x5450 [ 15.733071] kasan_report+0x141/0x180 [ 15.733094] ? kasan_atomics_helper+0x177f/0x5450 [ 15.733120] kasan_check_range+0x10c/0x1c0 [ 15.733145] __kasan_check_write+0x18/0x20 [ 15.733164] kasan_atomics_helper+0x177f/0x5450 [ 15.733186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.733209] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.733232] ? trace_hardirqs_on+0x37/0xe0 [ 15.733256] ? kasan_atomics+0x152/0x310 [ 15.733295] kasan_atomics+0x1dc/0x310 [ 15.733318] ? __pfx_kasan_atomics+0x10/0x10 [ 15.733341] ? __pfx_kasan_atomics+0x10/0x10 [ 15.733379] kunit_try_run_case+0x1a5/0x480 [ 15.733404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.733426] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.733449] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.733482] ? __kthread_parkme+0x82/0x180 [ 15.733502] ? preempt_count_sub+0x50/0x80 [ 15.733526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.733561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.733583] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.733607] kthread+0x337/0x6f0 [ 15.733636] ? trace_preempt_on+0x20/0xc0 [ 15.733658] ? __pfx_kthread+0x10/0x10 [ 15.733679] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.733722] ? 
calculate_sigpending+0x7b/0xa0 [ 15.733744] ? __pfx_kthread+0x10/0x10 [ 15.733766] ret_from_fork+0x116/0x1d0 [ 15.733785] ? __pfx_kthread+0x10/0x10 [ 15.733805] ret_from_fork_asm+0x1a/0x30 [ 15.733845] </TASK> [ 15.733858] [ 15.741300] Allocated by task 283: [ 15.741430] kasan_save_stack+0x45/0x70 [ 15.741573] kasan_save_track+0x18/0x40 [ 15.741722] kasan_save_alloc_info+0x3b/0x50 [ 15.741937] __kasan_kmalloc+0xb7/0xc0 [ 15.742119] __kmalloc_cache_noprof+0x189/0x420 [ 15.742400] kasan_atomics+0x95/0x310 [ 15.742590] kunit_try_run_case+0x1a5/0x480 [ 15.742944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.743203] kthread+0x337/0x6f0 [ 15.743378] ret_from_fork+0x116/0x1d0 [ 15.743565] ret_from_fork_asm+0x1a/0x30 [ 15.743847] [ 15.743951] The buggy address belongs to the object at ffff888102744f80 [ 15.743951] which belongs to the cache kmalloc-64 of size 64 [ 15.744411] The buggy address is located 0 bytes to the right of [ 15.744411] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.745016] [ 15.745114] The buggy address belongs to the physical page: [ 15.745414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.745886] flags: 0x200000000000000(node=0|zone=2) [ 15.746142] page_type: f5(slab) [ 15.746419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.746786] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.747131] page dumped because: kasan: bad access detected [ 15.747316] [ 15.747386] Memory state around the buggy address: [ 15.747541] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.747804] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.748225] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.748791] ^ [ 15.749048] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.749365] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.749647] 
================================================================== [ 15.455054] ================================================================== [ 15.455539] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.456126] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.456460] [ 15.456571] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.456615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.456627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.456649] Call Trace: [ 15.456665] <TASK> [ 15.456680] dump_stack_lvl+0x73/0xb0 [ 15.456709] print_report+0xd1/0x610 [ 15.456732] ? __virt_addr_valid+0x1db/0x2d0 [ 15.456754] ? kasan_atomics_helper+0x1148/0x5450 [ 15.456775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.456797] ? kasan_atomics_helper+0x1148/0x5450 [ 15.456819] kasan_report+0x141/0x180 [ 15.456840] ? kasan_atomics_helper+0x1148/0x5450 [ 15.456867] kasan_check_range+0x10c/0x1c0 [ 15.456890] __kasan_check_write+0x18/0x20 [ 15.456920] kasan_atomics_helper+0x1148/0x5450 [ 15.456942] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.456964] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.456987] ? trace_hardirqs_on+0x37/0xe0 [ 15.457009] ? kasan_atomics+0x152/0x310 [ 15.457036] kasan_atomics+0x1dc/0x310 [ 15.457057] ? __pfx_kasan_atomics+0x10/0x10 [ 15.457081] ? __pfx_kasan_atomics+0x10/0x10 [ 15.457110] kunit_try_run_case+0x1a5/0x480 [ 15.457134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.457157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.457181] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.457204] ? __kthread_parkme+0x82/0x180 [ 15.457224] ? preempt_count_sub+0x50/0x80 [ 15.457247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.457271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.457294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.457317] kthread+0x337/0x6f0 [ 15.457337] ? trace_preempt_on+0x20/0xc0 [ 15.457359] ? 
__pfx_kthread+0x10/0x10 [ 15.457379] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.457401] ? calculate_sigpending+0x7b/0xa0 [ 15.457424] ? __pfx_kthread+0x10/0x10 [ 15.457445] ret_from_fork+0x116/0x1d0 [ 15.457464] ? __pfx_kthread+0x10/0x10 [ 15.457485] ret_from_fork_asm+0x1a/0x30 [ 15.457515] </TASK> [ 15.457526] [ 15.464801] Allocated by task 283: [ 15.464984] kasan_save_stack+0x45/0x70 [ 15.465138] kasan_save_track+0x18/0x40 [ 15.465274] kasan_save_alloc_info+0x3b/0x50 [ 15.465423] __kasan_kmalloc+0xb7/0xc0 [ 15.465555] __kmalloc_cache_noprof+0x189/0x420 [ 15.465844] kasan_atomics+0x95/0x310 [ 15.466042] kunit_try_run_case+0x1a5/0x480 [ 15.466249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.466501] kthread+0x337/0x6f0 [ 15.466667] ret_from_fork+0x116/0x1d0 [ 15.466843] ret_from_fork_asm+0x1a/0x30 [ 15.466994] [ 15.467069] The buggy address belongs to the object at ffff888102744f80 [ 15.467069] which belongs to the cache kmalloc-64 of size 64 [ 15.467511] The buggy address is located 0 bytes to the right of [ 15.467511] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.468334] [ 15.468406] The buggy address belongs to the physical page: [ 15.468576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.468812] flags: 0x200000000000000(node=0|zone=2) [ 15.468983] page_type: f5(slab) [ 15.469104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.469689] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.470036] page dumped because: kasan: bad access detected [ 15.470291] [ 15.470384] Memory state around the buggy address: [ 15.470607] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.470919] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.471144] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.471359] ^ [ 15.471512] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.472144] 
ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.472460] ================================================================== [ 16.015642] ================================================================== [ 16.016212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.016690] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.017218] [ 16.017438] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.017485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.017498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.017519] Call Trace: [ 16.017533] <TASK> [ 16.017547] dump_stack_lvl+0x73/0xb0 [ 16.017578] print_report+0xd1/0x610 [ 16.017601] ? __virt_addr_valid+0x1db/0x2d0 [ 16.017626] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.017649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.017792] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.017820] kasan_report+0x141/0x180 [ 16.017844] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.017871] kasan_check_range+0x10c/0x1c0 [ 16.017896] __kasan_check_write+0x18/0x20 [ 16.017928] kasan_atomics_helper+0x1f43/0x5450 [ 16.017950] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.017972] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.017997] ? trace_hardirqs_on+0x37/0xe0 [ 16.018019] ? kasan_atomics+0x152/0x310 [ 16.018046] kasan_atomics+0x1dc/0x310 [ 16.018068] ? __pfx_kasan_atomics+0x10/0x10 [ 16.018091] ? __pfx_kasan_atomics+0x10/0x10 [ 16.018117] kunit_try_run_case+0x1a5/0x480 [ 16.018141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.018164] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.018187] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.018211] ? __kthread_parkme+0x82/0x180 [ 16.018230] ? preempt_count_sub+0x50/0x80 [ 16.018254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.018277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.018300] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.018323] kthread+0x337/0x6f0 [ 16.018342] ? trace_preempt_on+0x20/0xc0 [ 16.018365] ? __pfx_kthread+0x10/0x10 [ 16.018385] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.018406] ? calculate_sigpending+0x7b/0xa0 [ 16.018429] ? __pfx_kthread+0x10/0x10 [ 16.018450] ret_from_fork+0x116/0x1d0 [ 16.018469] ? __pfx_kthread+0x10/0x10 [ 16.018489] ret_from_fork_asm+0x1a/0x30 [ 16.018520] </TASK> [ 16.018530] [ 16.029286] Allocated by task 283: [ 16.029458] kasan_save_stack+0x45/0x70 [ 16.029649] kasan_save_track+0x18/0x40 [ 16.030230] kasan_save_alloc_info+0x3b/0x50 [ 16.030517] __kasan_kmalloc+0xb7/0xc0 [ 16.030836] __kmalloc_cache_noprof+0x189/0x420 [ 16.031137] kasan_atomics+0x95/0x310 [ 16.031425] kunit_try_run_case+0x1a5/0x480 [ 16.031638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.032062] kthread+0x337/0x6f0 [ 16.032242] ret_from_fork+0x116/0x1d0 [ 16.032565] ret_from_fork_asm+0x1a/0x30 [ 16.032933] [ 16.033022] The buggy address belongs to the object at ffff888102744f80 [ 16.033022] which belongs to the cache kmalloc-64 of size 64 [ 16.033755] The buggy address is located 0 bytes to the right of [ 16.033755] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.034464] [ 16.034547] The buggy address belongs to the physical page: [ 16.034895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.035476] flags: 0x200000000000000(node=0|zone=2) [ 16.035817] page_type: f5(slab) [ 16.036074] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.036440] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.036967] page dumped because: kasan: bad access detected [ 16.037305] [ 16.037413] Memory state around the buggy address: [ 16.037861] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.038219] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.038619] >ffff888102744f80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc
[ 16.039169] ^
[ 16.039423] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.039924] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.040228] ==================================================================
[ 15.323623] ==================================================================
[ 15.324100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450
[ 15.324356] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.324755]
[ 15.324879] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.324933] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.324946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.324966] Call Trace:
[ 15.324978] <TASK>
[ 15.324992] dump_stack_lvl+0x73/0xb0
[ 15.325019] print_report+0xd1/0x610
[ 15.325041] ? __virt_addr_valid+0x1db/0x2d0
[ 15.325063] ? kasan_atomics_helper+0xe78/0x5450
[ 15.325084] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.325106] ? kasan_atomics_helper+0xe78/0x5450
[ 15.325127] kasan_report+0x141/0x180
[ 15.325149] ? kasan_atomics_helper+0xe78/0x5450
[ 15.325175] kasan_check_range+0x10c/0x1c0
[ 15.325198] __kasan_check_write+0x18/0x20
[ 15.325217] kasan_atomics_helper+0xe78/0x5450
[ 15.325240] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.325262] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.325286] ? trace_hardirqs_on+0x37/0xe0
[ 15.325308] ? kasan_atomics+0x152/0x310
[ 15.325335] kasan_atomics+0x1dc/0x310
[ 15.325359] ? __pfx_kasan_atomics+0x10/0x10
[ 15.325382] ? __pfx_kasan_atomics+0x10/0x10
[ 15.325409] kunit_try_run_case+0x1a5/0x480
[ 15.325433] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.325456] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.325480] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.325503] ? __kthread_parkme+0x82/0x180
[ 15.325523] ? preempt_count_sub+0x50/0x80
[ 15.325546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.325744] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.325769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.325793] kthread+0x337/0x6f0
[ 15.325813] ? trace_preempt_on+0x20/0xc0
[ 15.325835] ? __pfx_kthread+0x10/0x10
[ 15.325856] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.325878] ? calculate_sigpending+0x7b/0xa0
[ 15.325902] ? __pfx_kthread+0x10/0x10
[ 15.325938] ret_from_fork+0x116/0x1d0
[ 15.325957] ? __pfx_kthread+0x10/0x10
[ 15.325978] ret_from_fork_asm+0x1a/0x30
[ 15.326009] </TASK>
[ 15.326019]
[ 15.337324] Allocated by task 283:
[ 15.337500] kasan_save_stack+0x45/0x70
[ 15.337841] kasan_save_track+0x18/0x40
[ 15.338024] kasan_save_alloc_info+0x3b/0x50
[ 15.338237] __kasan_kmalloc+0xb7/0xc0
[ 15.338411] __kmalloc_cache_noprof+0x189/0x420
[ 15.338687] kasan_atomics+0x95/0x310
[ 15.338953] kunit_try_run_case+0x1a5/0x480
[ 15.339147] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.339329] kthread+0x337/0x6f0
[ 15.339496] ret_from_fork+0x116/0x1d0
[ 15.339788] ret_from_fork_asm+0x1a/0x30
[ 15.339950]
[ 15.340049] The buggy address belongs to the object at ffff888102744f80
[ 15.340049] which belongs to the cache kmalloc-64 of size 64
[ 15.340608] The buggy address is located 0 bytes to the right of
[ 15.340608] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.341168]
[ 15.341241] The buggy address belongs to the physical page:
[ 15.341451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.341863] flags: 0x200000000000000(node=0|zone=2)
[ 15.342341] page_type: f5(slab)
[ 15.342563] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.342971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.343246] page dumped because: kasan: bad access detected
[ 15.343420]
[ 15.343515] Memory state around the buggy address:
[ 15.343809] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.344127] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.344488] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.344841] ^
[ 15.345058] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.345360] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.345604] ==================================================================
[ 15.610656] ==================================================================
[ 15.610889] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450
[ 15.611221] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.612252]
[ 15.612373] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.612418] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.612430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.612452] Call Trace:
[ 15.612466] <TASK>
[ 15.612481] dump_stack_lvl+0x73/0xb0
[ 15.612510] print_report+0xd1/0x610
[ 15.612533] ? __virt_addr_valid+0x1db/0x2d0
[ 15.612555] ? kasan_atomics_helper+0x1467/0x5450
[ 15.612576] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.612598] ? kasan_atomics_helper+0x1467/0x5450
[ 15.612620] kasan_report+0x141/0x180
[ 15.612642] ? kasan_atomics_helper+0x1467/0x5450
[ 15.612668] kasan_check_range+0x10c/0x1c0
[ 15.613067] __kasan_check_write+0x18/0x20
[ 15.613089] kasan_atomics_helper+0x1467/0x5450
[ 15.613112] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.613135] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.613159] ? trace_hardirqs_on+0x37/0xe0
[ 15.613615] ? kasan_atomics+0x152/0x310
[ 15.613651] kasan_atomics+0x1dc/0x310
[ 15.613676] ? __pfx_kasan_atomics+0x10/0x10
[ 15.613700] ? __pfx_kasan_atomics+0x10/0x10
[ 15.613729] kunit_try_run_case+0x1a5/0x480
[ 15.613754] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.613793] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.613820] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.613846] ? __kthread_parkme+0x82/0x180
[ 15.613868] ? preempt_count_sub+0x50/0x80
[ 15.613891] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.613927] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.613950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.613974] kthread+0x337/0x6f0
[ 15.613994] ? trace_preempt_on+0x20/0xc0
[ 15.614016] ? __pfx_kthread+0x10/0x10
[ 15.614038] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.614060] ? calculate_sigpending+0x7b/0xa0
[ 15.614083] ? __pfx_kthread+0x10/0x10
[ 15.614105] ret_from_fork+0x116/0x1d0
[ 15.614124] ? __pfx_kthread+0x10/0x10
[ 15.614145] ret_from_fork_asm+0x1a/0x30
[ 15.614175] </TASK>
[ 15.614186]
[ 15.621471] Allocated by task 283:
[ 15.621637] kasan_save_stack+0x45/0x70
[ 15.621849] kasan_save_track+0x18/0x40
[ 15.622059] kasan_save_alloc_info+0x3b/0x50
[ 15.622272] __kasan_kmalloc+0xb7/0xc0
[ 15.622461] __kmalloc_cache_noprof+0x189/0x420
[ 15.622699] kasan_atomics+0x95/0x310
[ 15.622891] kunit_try_run_case+0x1a5/0x480
[ 15.623115] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.623327] kthread+0x337/0x6f0
[ 15.623481] ret_from_fork+0x116/0x1d0
[ 15.623641] ret_from_fork_asm+0x1a/0x30
[ 15.623902]
[ 15.623987] The buggy address belongs to the object at ffff888102744f80
[ 15.623987] which belongs to the cache kmalloc-64 of size 64
[ 15.624444] The buggy address is located 0 bytes to the right of
[ 15.624444] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.624965]
[ 15.625060] The buggy address belongs to the physical page:
[ 15.625268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.625559] flags: 0x200000000000000(node=0|zone=2)
[ 15.625819] page_type: f5(slab)
[ 15.625996] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.626297] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.626603] page dumped because: kasan: bad access detected
[ 15.626952]
[ 15.627027] Memory state around the buggy address:
[ 15.627205] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.627422] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.627638] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.627959] ^
[ 15.628188] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.628496] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.628839] ==================================================================
[ 15.303069] ==================================================================
[ 15.303560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450
[ 15.304059] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.304792]
[ 15.305081] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.305135] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.305149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.305171] Call Trace:
[ 15.305186] <TASK>
[ 15.305202] dump_stack_lvl+0x73/0xb0
[ 15.305242] print_report+0xd1/0x610
[ 15.305266] ? __virt_addr_valid+0x1db/0x2d0
[ 15.305292] ? kasan_atomics_helper+0xde0/0x5450
[ 15.305314] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.305337] ? kasan_atomics_helper+0xde0/0x5450
[ 15.305446] kasan_report+0x141/0x180
[ 15.305471] ? kasan_atomics_helper+0xde0/0x5450
[ 15.305498] kasan_check_range+0x10c/0x1c0
[ 15.305521] __kasan_check_write+0x18/0x20
[ 15.305541] kasan_atomics_helper+0xde0/0x5450
[ 15.305564] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.305586] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.305611] ? trace_hardirqs_on+0x37/0xe0
[ 15.305633] ? kasan_atomics+0x152/0x310
[ 15.305660] kasan_atomics+0x1dc/0x310
[ 15.305682] ? __pfx_kasan_atomics+0x10/0x10
[ 15.305706] ? __pfx_kasan_atomics+0x10/0x10
[ 15.305732] kunit_try_run_case+0x1a5/0x480
[ 15.305757] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.305780] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.305803] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.305826] ? __kthread_parkme+0x82/0x180
[ 15.305847] ? preempt_count_sub+0x50/0x80
[ 15.305870] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.305895] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.305931] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.305955] kthread+0x337/0x6f0
[ 15.305976] ? trace_preempt_on+0x20/0xc0
[ 15.305999] ? __pfx_kthread+0x10/0x10
[ 15.306020] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.306041] ? calculate_sigpending+0x7b/0xa0
[ 15.306065] ? __pfx_kthread+0x10/0x10
[ 15.306086] ret_from_fork+0x116/0x1d0
[ 15.306105] ? __pfx_kthread+0x10/0x10
[ 15.306126] ret_from_fork_asm+0x1a/0x30
[ 15.306157] </TASK>
[ 15.306168]
[ 15.315010] Allocated by task 283:
[ 15.315202] kasan_save_stack+0x45/0x70
[ 15.315460] kasan_save_track+0x18/0x40
[ 15.315647] kasan_save_alloc_info+0x3b/0x50
[ 15.315827] __kasan_kmalloc+0xb7/0xc0
[ 15.316015] __kmalloc_cache_noprof+0x189/0x420
[ 15.316242] kasan_atomics+0x95/0x310
[ 15.316397] kunit_try_run_case+0x1a5/0x480
[ 15.316542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.316788] kthread+0x337/0x6f0
[ 15.316971] ret_from_fork+0x116/0x1d0
[ 15.317158] ret_from_fork_asm+0x1a/0x30
[ 15.317361]
[ 15.317453] The buggy address belongs to the object at ffff888102744f80
[ 15.317453] which belongs to the cache kmalloc-64 of size 64
[ 15.318118] The buggy address is located 0 bytes to the right of
[ 15.318118] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.318573]
[ 15.318646] The buggy address belongs to the physical page:
[ 15.318819] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.319079] flags: 0x200000000000000(node=0|zone=2)
[ 15.319248] page_type: f5(slab)
[ 15.319419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.319874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.320216] page dumped because: kasan: bad access detected
[ 15.320466]
[ 15.320558] Memory state around the buggy address:
[ 15.320777] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.321147] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.321361] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.321570] ^
[ 15.322139] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.322718] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.323069] ==================================================================
[ 15.750436] ==================================================================
[ 15.750807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450
[ 15.751130] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.751373]
[ 15.751483] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.751523] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.751535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.751555] Call Trace:
[ 15.751569] <TASK>
[ 15.751584] dump_stack_lvl+0x73/0xb0
[ 15.751611] print_report+0xd1/0x610
[ 15.751632] ? __virt_addr_valid+0x1db/0x2d0
[ 15.751655] ? kasan_atomics_helper+0x1818/0x5450
[ 15.751675] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.751745] ? kasan_atomics_helper+0x1818/0x5450
[ 15.751767] kasan_report+0x141/0x180
[ 15.751827] ? kasan_atomics_helper+0x1818/0x5450
[ 15.751866] kasan_check_range+0x10c/0x1c0
[ 15.751901] __kasan_check_write+0x18/0x20
[ 15.751930] kasan_atomics_helper+0x1818/0x5450
[ 15.751953] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.751976] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.751998] ? trace_hardirqs_on+0x37/0xe0
[ 15.752020] ? kasan_atomics+0x152/0x310
[ 15.752047] kasan_atomics+0x1dc/0x310
[ 15.752069] ? __pfx_kasan_atomics+0x10/0x10
[ 15.752092] ? __pfx_kasan_atomics+0x10/0x10
[ 15.752119] kunit_try_run_case+0x1a5/0x480
[ 15.752143] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.752166] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.752190] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.752213] ? __kthread_parkme+0x82/0x180
[ 15.752233] ? preempt_count_sub+0x50/0x80
[ 15.752257] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.752281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.752304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.752327] kthread+0x337/0x6f0
[ 15.752347] ? trace_preempt_on+0x20/0xc0
[ 15.752369] ? __pfx_kthread+0x10/0x10
[ 15.752389] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.752410] ? calculate_sigpending+0x7b/0xa0
[ 15.752434] ? __pfx_kthread+0x10/0x10
[ 15.752456] ret_from_fork+0x116/0x1d0
[ 15.752474] ? __pfx_kthread+0x10/0x10
[ 15.752495] ret_from_fork_asm+0x1a/0x30
[ 15.752525] </TASK>
[ 15.752536]
[ 15.763717] Allocated by task 283:
[ 15.764076] kasan_save_stack+0x45/0x70
[ 15.764463] kasan_save_track+0x18/0x40
[ 15.764851] kasan_save_alloc_info+0x3b/0x50
[ 15.765259] __kasan_kmalloc+0xb7/0xc0
[ 15.765608] __kmalloc_cache_noprof+0x189/0x420
[ 15.765950] kasan_atomics+0x95/0x310
[ 15.766094] kunit_try_run_case+0x1a5/0x480
[ 15.766246] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.766425] kthread+0x337/0x6f0
[ 15.766547] ret_from_fork+0x116/0x1d0
[ 15.766719] ret_from_fork_asm+0x1a/0x30
[ 15.767129]
[ 15.767307] The buggy address belongs to the object at ffff888102744f80
[ 15.767307] which belongs to the cache kmalloc-64 of size 64
[ 15.768405] The buggy address is located 0 bytes to the right of
[ 15.768405] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.769498]
[ 15.769660] The buggy address belongs to the physical page:
[ 15.770182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.770881] flags: 0x200000000000000(node=0|zone=2)
[ 15.771118] page_type: f5(slab)
[ 15.771240] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.771471] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.771779] page dumped because: kasan: bad access detected
[ 15.772247]
[ 15.772401] Memory state around the buggy address:
[ 15.772826] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.773416] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.774043] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.774618] ^
[ 15.775055] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.775646] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.776070] ==================================================================
[ 15.260051] ==================================================================
[ 15.260570] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450
[ 15.260938] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.261268]
[ 15.261382] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.261424] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.261436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.261457] Call Trace:
[ 15.261471] <TASK>
[ 15.261485] dump_stack_lvl+0x73/0xb0
[ 15.261513] print_report+0xd1/0x610
[ 15.261534] ? __virt_addr_valid+0x1db/0x2d0
[ 15.261557] ? kasan_atomics_helper+0x4a84/0x5450
[ 15.261578] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.261600] ? kasan_atomics_helper+0x4a84/0x5450
[ 15.261621] kasan_report+0x141/0x180
[ 15.261643] ? kasan_atomics_helper+0x4a84/0x5450
[ 15.261669] __asan_report_load4_noabort+0x18/0x20
[ 15.261693] kasan_atomics_helper+0x4a84/0x5450
[ 15.261715] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.261791] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.261816] ? trace_hardirqs_on+0x37/0xe0
[ 15.261838] ? kasan_atomics+0x152/0x310
[ 15.261865] kasan_atomics+0x1dc/0x310
[ 15.261888] ? __pfx_kasan_atomics+0x10/0x10
[ 15.261921] ? __pfx_kasan_atomics+0x10/0x10
[ 15.261949] kunit_try_run_case+0x1a5/0x480
[ 15.261973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.261996] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.262019] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.262042] ? __kthread_parkme+0x82/0x180
[ 15.262061] ? preempt_count_sub+0x50/0x80
[ 15.262084] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.262108] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.262132] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.262156] kthread+0x337/0x6f0
[ 15.262175] ? trace_preempt_on+0x20/0xc0
[ 15.262196] ? __pfx_kthread+0x10/0x10
[ 15.262216] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.262238] ? calculate_sigpending+0x7b/0xa0
[ 15.262262] ? __pfx_kthread+0x10/0x10
[ 15.262283] ret_from_fork+0x116/0x1d0
[ 15.262303] ? __pfx_kthread+0x10/0x10
[ 15.262411] ret_from_fork_asm+0x1a/0x30
[ 15.262446] </TASK>
[ 15.262457]
[ 15.273173] Allocated by task 283:
[ 15.273318] kasan_save_stack+0x45/0x70
[ 15.273466] kasan_save_track+0x18/0x40
[ 15.273792] kasan_save_alloc_info+0x3b/0x50
[ 15.274019] __kasan_kmalloc+0xb7/0xc0
[ 15.274209] __kmalloc_cache_noprof+0x189/0x420
[ 15.274406] kasan_atomics+0x95/0x310
[ 15.274688] kunit_try_run_case+0x1a5/0x480
[ 15.274937] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.275195] kthread+0x337/0x6f0
[ 15.275321] ret_from_fork+0x116/0x1d0
[ 15.275567] ret_from_fork_asm+0x1a/0x30
[ 15.275844]
[ 15.275930] The buggy address belongs to the object at ffff888102744f80
[ 15.275930] which belongs to the cache kmalloc-64 of size 64
[ 15.276548] The buggy address is located 0 bytes to the right of
[ 15.276548] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.277049]
[ 15.277123] The buggy address belongs to the physical page:
[ 15.277357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.277819] flags: 0x200000000000000(node=0|zone=2)
[ 15.278006] page_type: f5(slab)
[ 15.278127] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.278625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.279054] page dumped because: kasan: bad access detected
[ 15.279292]
[ 15.279374] Memory state around the buggy address:
[ 15.279570] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.279875] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.280102] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.280864] ^
[ 15.281050] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.281330] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.281735] ==================================================================
[ 15.906113] ==================================================================
[ 15.906808] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450
[ 15.907135] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.907360]
[ 15.907444] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.907487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.907500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.907520] Call Trace:
[ 15.907536] <TASK>
[ 15.907551] dump_stack_lvl+0x73/0xb0
[ 15.907578] print_report+0xd1/0x610
[ 15.907600] ? __virt_addr_valid+0x1db/0x2d0
[ 15.907622] ? kasan_atomics_helper+0x4f30/0x5450
[ 15.907643] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.907693] ? kasan_atomics_helper+0x4f30/0x5450
[ 15.907715] kasan_report+0x141/0x180
[ 15.907738] ? kasan_atomics_helper+0x4f30/0x5450
[ 15.907764] __asan_report_load8_noabort+0x18/0x20
[ 15.907787] kasan_atomics_helper+0x4f30/0x5450
[ 15.907810] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.907832] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.907857] ? trace_hardirqs_on+0x37/0xe0
[ 15.907879] ? kasan_atomics+0x152/0x310
[ 15.907914] kasan_atomics+0x1dc/0x310
[ 15.907936] ? __pfx_kasan_atomics+0x10/0x10
[ 15.907961] ? __pfx_kasan_atomics+0x10/0x10
[ 15.907987] kunit_try_run_case+0x1a5/0x480
[ 15.908011] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.908034] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.908058] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.908081] ? __kthread_parkme+0x82/0x180
[ 15.908102] ? preempt_count_sub+0x50/0x80
[ 15.908125] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.908149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.908172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.908195] kthread+0x337/0x6f0
[ 15.908215] ? trace_preempt_on+0x20/0xc0
[ 15.908237] ? __pfx_kthread+0x10/0x10
[ 15.908258] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.908279] ? calculate_sigpending+0x7b/0xa0
[ 15.908302] ? __pfx_kthread+0x10/0x10
[ 15.908323] ret_from_fork+0x116/0x1d0
[ 15.908342] ? __pfx_kthread+0x10/0x10
[ 15.908362] ret_from_fork_asm+0x1a/0x30
[ 15.908392] </TASK>
[ 15.908404]
[ 15.921218] Allocated by task 283:
[ 15.921539] kasan_save_stack+0x45/0x70
[ 15.921919] kasan_save_track+0x18/0x40
[ 15.922239] kasan_save_alloc_info+0x3b/0x50
[ 15.922389] __kasan_kmalloc+0xb7/0xc0
[ 15.922522] __kmalloc_cache_noprof+0x189/0x420
[ 15.922709] kasan_atomics+0x95/0x310
[ 15.923059] kunit_try_run_case+0x1a5/0x480
[ 15.923421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.923932] kthread+0x337/0x6f0
[ 15.924234] ret_from_fork+0x116/0x1d0
[ 15.924563] ret_from_fork_asm+0x1a/0x30
[ 15.924959]
[ 15.925115] The buggy address belongs to the object at ffff888102744f80
[ 15.925115] which belongs to the cache kmalloc-64 of size 64
[ 15.925882] The buggy address is located 0 bytes to the right of
[ 15.925882] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.926967]
[ 15.927063] The buggy address belongs to the physical page:
[ 15.927237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.927476] flags: 0x200000000000000(node=0|zone=2)
[ 15.927637] page_type: f5(slab)
[ 15.927984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.928737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.929209] page dumped because: kasan: bad access detected
[ 15.929388]
[ 15.929459] Memory state around the buggy address:
[ 15.929617] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.930204] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.930818] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.931427] ^
[ 15.931604] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.932169] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.932782] ==================================================================
[ 15.527078] ==================================================================
[ 15.527348] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450
[ 15.527789] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.528055]
[ 15.528161] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.528204] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.528216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.528238] Call Trace:
[ 15.528251] <TASK>
[ 15.528266] dump_stack_lvl+0x73/0xb0
[ 15.528293] print_report+0xd1/0x610
[ 15.528315] ? __virt_addr_valid+0x1db/0x2d0
[ 15.528336] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.528357] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.528379] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.528401] kasan_report+0x141/0x180
[ 15.528422] ? kasan_atomics_helper+0x12e6/0x5450
[ 15.528449] kasan_check_range+0x10c/0x1c0
[ 15.528472] __kasan_check_write+0x18/0x20
[ 15.528492] kasan_atomics_helper+0x12e6/0x5450
[ 15.528514] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.528536] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.528559] ? trace_hardirqs_on+0x37/0xe0
[ 15.528580] ? kasan_atomics+0x152/0x310
[ 15.528608] kasan_atomics+0x1dc/0x310
[ 15.528630] ? __pfx_kasan_atomics+0x10/0x10
[ 15.528653] ? __pfx_kasan_atomics+0x10/0x10
[ 15.528679] kunit_try_run_case+0x1a5/0x480
[ 15.528705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.528727] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.528750] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.528774] ? __kthread_parkme+0x82/0x180
[ 15.528794] ? preempt_count_sub+0x50/0x80
[ 15.528817] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.528841] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.528864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.528888] kthread+0x337/0x6f0
[ 15.528917] ? trace_preempt_on+0x20/0xc0
[ 15.528939] ? __pfx_kthread+0x10/0x10
[ 15.528959] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.528980] ? calculate_sigpending+0x7b/0xa0
[ 15.529003] ? __pfx_kthread+0x10/0x10
[ 15.529025] ret_from_fork+0x116/0x1d0
[ 15.529044] ? __pfx_kthread+0x10/0x10
[ 15.529064] ret_from_fork_asm+0x1a/0x30
[ 15.529095] </TASK>
[ 15.529106]
[ 15.536446] Allocated by task 283:
[ 15.536619] kasan_save_stack+0x45/0x70
[ 15.536829] kasan_save_track+0x18/0x40
[ 15.537031] kasan_save_alloc_info+0x3b/0x50
[ 15.537219] __kasan_kmalloc+0xb7/0xc0
[ 15.537386] __kmalloc_cache_noprof+0x189/0x420
[ 15.537541] kasan_atomics+0x95/0x310
[ 15.537745] kunit_try_run_case+0x1a5/0x480
[ 15.537966] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.538215] kthread+0x337/0x6f0
[ 15.538386] ret_from_fork+0x116/0x1d0
[ 15.538532] ret_from_fork_asm+0x1a/0x30
[ 15.538731]
[ 15.538827] The buggy address belongs to the object at ffff888102744f80
[ 15.538827] which belongs to the cache kmalloc-64 of size 64
[ 15.539285] The buggy address is located 0 bytes to the right of
[ 15.539285] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.539653]
[ 15.539726] The buggy address belongs to the physical page:
[ 15.539897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.540147] flags: 0x200000000000000(node=0|zone=2)
[ 15.540339] page_type: f5(slab)
[ 15.540501] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.540840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.541181] page dumped because: kasan: bad access detected
[ 15.541430]
[ 15.541523] Memory state around the buggy address:
[ 15.541744] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.542015] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.542232] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.542453] ^
[ 15.542611] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.543050] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.543367] ==================================================================
[ 15.054639] ==================================================================
[ 15.054992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450
[ 15.055234] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.055465]
[ 15.055552] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.055596] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.055610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.055645] Call Trace:
[ 15.055662] <TASK>
[ 15.055678] dump_stack_lvl+0x73/0xb0
[ 15.055720] print_report+0xd1/0x610
[ 15.055743] ? __virt_addr_valid+0x1db/0x2d0
[ 15.055765] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.055786] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.055809] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.055830] kasan_report+0x141/0x180
[ 15.055852] ? kasan_atomics_helper+0x7c7/0x5450
[ 15.055878] kasan_check_range+0x10c/0x1c0
[ 15.055902] __kasan_check_write+0x18/0x20
[ 15.055930] kasan_atomics_helper+0x7c7/0x5450
[ 15.055954] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.055976] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.056001] ? trace_hardirqs_on+0x37/0xe0
[ 15.056033] ? kasan_atomics+0x152/0x310
[ 15.056061] kasan_atomics+0x1dc/0x310
[ 15.056094] ? __pfx_kasan_atomics+0x10/0x10
[ 15.056117] ? __pfx_kasan_atomics+0x10/0x10
[ 15.056144] kunit_try_run_case+0x1a5/0x480
[ 15.056168] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.056191] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.056214] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.056236] ? __kthread_parkme+0x82/0x180
[ 15.056257] ? preempt_count_sub+0x50/0x80
[ 15.056280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.056304] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.056327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.056350] kthread+0x337/0x6f0
[ 15.056370] ? trace_preempt_on+0x20/0xc0
[ 15.056392] ? __pfx_kthread+0x10/0x10
[ 15.056413] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.056442] ? calculate_sigpending+0x7b/0xa0
[ 15.056466] ? __pfx_kthread+0x10/0x10
[ 15.056487] ret_from_fork+0x116/0x1d0
[ 15.056516] ? __pfx_kthread+0x10/0x10
[ 15.056537] ret_from_fork_asm+0x1a/0x30
[ 15.056568] </TASK>
[ 15.056580]
[ 15.070186] Allocated by task 283:
[ 15.070328] kasan_save_stack+0x45/0x70
[ 15.070496] kasan_save_track+0x18/0x40
[ 15.070883] kasan_save_alloc_info+0x3b/0x50
[ 15.071415] __kasan_kmalloc+0xb7/0xc0
[ 15.071760] __kmalloc_cache_noprof+0x189/0x420
[ 15.072424] kasan_atomics+0x95/0x310
[ 15.072833] kunit_try_run_case+0x1a5/0x480
[ 15.073229] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.073747] kthread+0x337/0x6f0
[ 15.073901] ret_from_fork+0x116/0x1d0
[ 15.074213] ret_from_fork_asm+0x1a/0x30
[ 15.074643]
[ 15.074824] The buggy address belongs to the object at ffff888102744f80
[ 15.074824] which belongs to the cache kmalloc-64 of size 64
[ 15.075808] The buggy address is located 0 bytes to the right of
[ 15.075808] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.076994]
[ 15.077161] The buggy address belongs to the physical page:
[ 15.077852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.078114] flags: 0x200000000000000(node=0|zone=2)
[ 15.078279] page_type: f5(slab)
[ 15.078496] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.079492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.080403] page dumped because: kasan: bad access detected
[ 15.081019]
[ 15.081279] Memory state around the buggy address:
[ 15.081878] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.082465] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.083025] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.083256] ^
[ 15.083414] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.084307] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.085192] ==================================================================
[ 15.428155] ==================================================================
[ 15.428850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450
[ 15.429201] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.429485]
[ 15.429592] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.429635] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.429648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.430026] Call Trace:
[ 15.430046] <TASK>
[ 15.430062] dump_stack_lvl+0x73/0xb0
[ 15.430094] print_report+0xd1/0x610
[ 15.430117] ? __virt_addr_valid+0x1db/0x2d0
[ 15.430139] ? kasan_atomics_helper+0x4a1c/0x5450
[ 15.430342] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.430373] ? kasan_atomics_helper+0x4a1c/0x5450
[ 15.430396] kasan_report+0x141/0x180
[ 15.430422] ? kasan_atomics_helper+0x4a1c/0x5450
[ 15.430450] __asan_report_load4_noabort+0x18/0x20
[ 15.430476] kasan_atomics_helper+0x4a1c/0x5450
[ 15.430499] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.430521] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.430546] ? trace_hardirqs_on+0x37/0xe0
[ 15.430568] ? kasan_atomics+0x152/0x310
[ 15.430596] kasan_atomics+0x1dc/0x310
[ 15.430619] ? __pfx_kasan_atomics+0x10/0x10
[ 15.430643] ? __pfx_kasan_atomics+0x10/0x10
[ 15.430696] kunit_try_run_case+0x1a5/0x480
[ 15.430722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.430744] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.430767] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.430790] ? __kthread_parkme+0x82/0x180
[ 15.430810] ? preempt_count_sub+0x50/0x80
[ 15.430833] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.430857] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.430880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.430913] kthread+0x337/0x6f0
[ 15.430933] ? trace_preempt_on+0x20/0xc0
[ 15.430955] ? __pfx_kthread+0x10/0x10
[ 15.430976] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.430997] ? calculate_sigpending+0x7b/0xa0
[ 15.431020] ? __pfx_kthread+0x10/0x10
[ 15.431041] ret_from_fork+0x116/0x1d0
[ 15.431065] ? __pfx_kthread+0x10/0x10
[ 15.431085] ret_from_fork_asm+0x1a/0x30
[ 15.431116] </TASK>
[ 15.431128]
[ 15.442512] Allocated by task 283:
[ 15.442835] kasan_save_stack+0x45/0x70
[ 15.443058] kasan_save_track+0x18/0x40
[ 15.443230] kasan_save_alloc_info+0x3b/0x50
[ 15.443418] __kasan_kmalloc+0xb7/0xc0
[ 15.443585] __kmalloc_cache_noprof+0x189/0x420
[ 15.444109] kasan_atomics+0x95/0x310
[ 15.444490] kunit_try_run_case+0x1a5/0x480
[ 15.444834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.445237] kthread+0x337/0x6f0
[ 15.445403] ret_from_fork+0x116/0x1d0
[ 15.445562] ret_from_fork_asm+0x1a/0x30
[ 15.445998]
[ 15.446245] The buggy address belongs to the object at ffff888102744f80
[ 15.446245] which belongs to the cache kmalloc-64 of size 64
[ 15.447090] The buggy address is located 0 bytes to the right of
[ 15.447090] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.447579]
[ 15.447959] The buggy address belongs to the physical page:
[ 15.448255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.448885] flags: 0x200000000000000(node=0|zone=2)
[ 15.449189] page_type: f5(slab)
[ 15.449348] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.449645] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.450314] page dumped because: kasan: bad access detected
[ 15.450809]
[ 15.451068] Memory state around the buggy address:
[ 15.451360] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.451828] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.452120] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.452412] ^
[ 15.452616] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.453221] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.453725] ==================================================================
[ 15.713532] ==================================================================
[ 15.713828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450
[ 15.714076] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283
[ 15.714352]
[ 15.714544] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.714589] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.714601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.714622] Call Trace:
[ 15.714637] <TASK>
[ 15.714652] dump_stack_lvl+0x73/0xb0
[ 15.714693] print_report+0xd1/0x610
[ 15.714717] ? __virt_addr_valid+0x1db/0x2d0
[ 15.714739] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.714772] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.714795] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.714817] kasan_report+0x141/0x180
[ 15.714839] ? kasan_atomics_helper+0x16e7/0x5450
[ 15.714866] kasan_check_range+0x10c/0x1c0
[ 15.714890] __kasan_check_write+0x18/0x20
[ 15.714919] kasan_atomics_helper+0x16e7/0x5450
[ 15.714943] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.714965] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.714990] ? trace_hardirqs_on+0x37/0xe0
[ 15.715012] ? kasan_atomics+0x152/0x310
[ 15.715039] kasan_atomics+0x1dc/0x310
[ 15.715068] ? __pfx_kasan_atomics+0x10/0x10
[ 15.715091] ? __pfx_kasan_atomics+0x10/0x10
[ 15.715117] kunit_try_run_case+0x1a5/0x480
[ 15.715141] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.715164] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.715187] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.715210] ? __kthread_parkme+0x82/0x180
[ 15.715230] ? preempt_count_sub+0x50/0x80
[ 15.715253] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.715277] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.715300] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.715323] kthread+0x337/0x6f0
[ 15.715343] ? trace_preempt_on+0x20/0xc0
[ 15.715375] ? __pfx_kthread+0x10/0x10
[ 15.715395] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.715417] ? calculate_sigpending+0x7b/0xa0
[ 15.715459] ? __pfx_kthread+0x10/0x10
[ 15.715481] ret_from_fork+0x116/0x1d0
[ 15.715499] ? __pfx_kthread+0x10/0x10
[ 15.715530] ret_from_fork_asm+0x1a/0x30
[ 15.715561] </TASK>
[ 15.715572]
[ 15.723424] Allocated by task 283:
[ 15.723566] kasan_save_stack+0x45/0x70
[ 15.723712] kasan_save_track+0x18/0x40
[ 15.723847] kasan_save_alloc_info+0x3b/0x50
[ 15.724005] __kasan_kmalloc+0xb7/0xc0
[ 15.724139] __kmalloc_cache_noprof+0x189/0x420
[ 15.724295] kasan_atomics+0x95/0x310
[ 15.724472] kunit_try_run_case+0x1a5/0x480
[ 15.724681] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.724946] kthread+0x337/0x6f0
[ 15.725145] ret_from_fork+0x116/0x1d0
[ 15.725534] ret_from_fork_asm+0x1a/0x30
[ 15.725874]
[ 15.725990] The buggy address belongs to the object at ffff888102744f80
[ 15.725990] which belongs to the cache kmalloc-64 of size 64
[ 15.726346] The buggy address is located 0 bytes to the right of
[ 15.726346] allocated 48-byte region [ffff888102744f80, ffff888102744fb0)
[ 15.726802]
[ 15.726898] The buggy address belongs to the physical page:
[ 15.727179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744
[ 15.727542] flags: 0x200000000000000(node=0|zone=2)
[ 15.727946] page_type: f5(slab)
[ 15.728117] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.728442] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 15.728670] page dumped because: kasan: bad access detected
[ 15.728958]
[ 15.729055] Memory state around the buggy address:
[ 15.729280] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.729579] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 15.729937] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.730227] ^
[ 15.730453] ffff888102745000: fa fb fb fb fb fb fb fb fb
fb fb fb fb fb fb fb [ 15.730808] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.731100] ================================================================== [ 16.089281] ================================================================== [ 16.090045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.090397] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.090920] [ 16.091151] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.091197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.091210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.091366] Call Trace: [ 16.091382] <TASK> [ 16.091397] dump_stack_lvl+0x73/0xb0 [ 16.091427] print_report+0xd1/0x610 [ 16.091449] ? __virt_addr_valid+0x1db/0x2d0 [ 16.091474] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.091495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.091517] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.091539] kasan_report+0x141/0x180 [ 16.091562] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.091589] __asan_report_load8_noabort+0x18/0x20 [ 16.091614] kasan_atomics_helper+0x4f98/0x5450 [ 16.091636] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.091658] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.091698] ? trace_hardirqs_on+0x37/0xe0 [ 16.091720] ? kasan_atomics+0x152/0x310 [ 16.091747] kasan_atomics+0x1dc/0x310 [ 16.091770] ? __pfx_kasan_atomics+0x10/0x10 [ 16.091793] ? __pfx_kasan_atomics+0x10/0x10 [ 16.091819] kunit_try_run_case+0x1a5/0x480 [ 16.091844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.091867] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.091890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.091926] ? __kthread_parkme+0x82/0x180 [ 16.091946] ? preempt_count_sub+0x50/0x80 [ 16.091970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.091994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.092017] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.092040] kthread+0x337/0x6f0 [ 16.092060] ? trace_preempt_on+0x20/0xc0 [ 16.092081] ? __pfx_kthread+0x10/0x10 [ 16.092101] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.092123] ? calculate_sigpending+0x7b/0xa0 [ 16.092146] ? __pfx_kthread+0x10/0x10 [ 16.092167] ret_from_fork+0x116/0x1d0 [ 16.092185] ? __pfx_kthread+0x10/0x10 [ 16.092206] ret_from_fork_asm+0x1a/0x30 [ 16.092237] </TASK> [ 16.092246] [ 16.102612] Allocated by task 283: [ 16.103020] kasan_save_stack+0x45/0x70 [ 16.103217] kasan_save_track+0x18/0x40 [ 16.103409] kasan_save_alloc_info+0x3b/0x50 [ 16.103612] __kasan_kmalloc+0xb7/0xc0 [ 16.104057] __kmalloc_cache_noprof+0x189/0x420 [ 16.104259] kasan_atomics+0x95/0x310 [ 16.104599] kunit_try_run_case+0x1a5/0x480 [ 16.104953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.105166] kthread+0x337/0x6f0 [ 16.105416] ret_from_fork+0x116/0x1d0 [ 16.105575] ret_from_fork_asm+0x1a/0x30 [ 16.106036] [ 16.106113] The buggy address belongs to the object at ffff888102744f80 [ 16.106113] which belongs to the cache kmalloc-64 of size 64 [ 16.106800] The buggy address is located 0 bytes to the right of [ 16.106800] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.107501] [ 16.107606] The buggy address belongs to the physical page: [ 16.108092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.108454] flags: 0x200000000000000(node=0|zone=2) [ 16.108834] page_type: f5(slab) [ 16.109109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.109538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.109986] page dumped because: kasan: bad access detected [ 16.110267] [ 16.110367] Memory state around the buggy address: [ 16.110767] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.111107] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.111430] >ffff888102744f80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.111983] ^ [ 16.112205] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.112601] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.113066] ================================================================== [ 15.385840] ================================================================== [ 15.386556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.387043] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.387473] [ 15.387588] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.387688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.387703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.387725] Call Trace: [ 15.387740] <TASK> [ 15.387753] dump_stack_lvl+0x73/0xb0 [ 15.387782] print_report+0xd1/0x610 [ 15.387803] ? __virt_addr_valid+0x1db/0x2d0 [ 15.387825] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.387847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.387869] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.387891] kasan_report+0x141/0x180 [ 15.387925] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.387950] __asan_report_load4_noabort+0x18/0x20 [ 15.387997] kasan_atomics_helper+0x4a36/0x5450 [ 15.388020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.388042] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.388081] ? trace_hardirqs_on+0x37/0xe0 [ 15.388102] ? kasan_atomics+0x152/0x310 [ 15.388129] kasan_atomics+0x1dc/0x310 [ 15.388152] ? __pfx_kasan_atomics+0x10/0x10 [ 15.388175] ? __pfx_kasan_atomics+0x10/0x10 [ 15.388201] kunit_try_run_case+0x1a5/0x480 [ 15.388225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.388266] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.388290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.388313] ? __kthread_parkme+0x82/0x180 [ 15.388334] ? preempt_count_sub+0x50/0x80 [ 15.388403] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.388429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.388453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.388476] kthread+0x337/0x6f0 [ 15.388496] ? trace_preempt_on+0x20/0xc0 [ 15.388518] ? __pfx_kthread+0x10/0x10 [ 15.388539] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.388560] ? calculate_sigpending+0x7b/0xa0 [ 15.388606] ? __pfx_kthread+0x10/0x10 [ 15.388627] ret_from_fork+0x116/0x1d0 [ 15.388646] ? __pfx_kthread+0x10/0x10 [ 15.388667] ret_from_fork_asm+0x1a/0x30 [ 15.388708] </TASK> [ 15.388719] [ 15.397647] Allocated by task 283: [ 15.397819] kasan_save_stack+0x45/0x70 [ 15.398152] kasan_save_track+0x18/0x40 [ 15.398300] kasan_save_alloc_info+0x3b/0x50 [ 15.398740] __kasan_kmalloc+0xb7/0xc0 [ 15.398939] __kmalloc_cache_noprof+0x189/0x420 [ 15.399193] kasan_atomics+0x95/0x310 [ 15.399505] kunit_try_run_case+0x1a5/0x480 [ 15.399664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.399957] kthread+0x337/0x6f0 [ 15.400123] ret_from_fork+0x116/0x1d0 [ 15.400300] ret_from_fork_asm+0x1a/0x30 [ 15.400621] [ 15.400771] The buggy address belongs to the object at ffff888102744f80 [ 15.400771] which belongs to the cache kmalloc-64 of size 64 [ 15.401243] The buggy address is located 0 bytes to the right of [ 15.401243] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.401931] [ 15.402048] The buggy address belongs to the physical page: [ 15.402292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.402779] flags: 0x200000000000000(node=0|zone=2) [ 15.403132] page_type: f5(slab) [ 15.403316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.403659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.403883] page dumped because: kasan: bad access detected [ 15.404143] [ 15.404240] Memory state around the buggy address: [ 15.404605] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.405236] 
ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.405451] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.405660] ^ [ 15.405814] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.406043] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406518] ================================================================== [ 15.473189] ================================================================== [ 15.473564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.473900] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.474195] [ 15.474297] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.474338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.474352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.474373] Call Trace: [ 15.474386] <TASK> [ 15.474400] dump_stack_lvl+0x73/0xb0 [ 15.474428] print_report+0xd1/0x610 [ 15.474450] ? __virt_addr_valid+0x1db/0x2d0 [ 15.474471] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.474492] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.474514] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.474536] kasan_report+0x141/0x180 [ 15.474558] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.474585] __asan_report_load4_noabort+0x18/0x20 [ 15.474609] kasan_atomics_helper+0x4a02/0x5450 [ 15.474632] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.474654] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.474677] ? trace_hardirqs_on+0x37/0xe0 [ 15.474706] ? kasan_atomics+0x152/0x310 [ 15.474733] kasan_atomics+0x1dc/0x310 [ 15.474756] ? __pfx_kasan_atomics+0x10/0x10 [ 15.474779] ? __pfx_kasan_atomics+0x10/0x10 [ 15.474805] kunit_try_run_case+0x1a5/0x480 [ 15.474829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.474851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.474875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.474898] ? __kthread_parkme+0x82/0x180 [ 15.474930] ? 
preempt_count_sub+0x50/0x80 [ 15.474953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.474977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.475000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.475024] kthread+0x337/0x6f0 [ 15.475043] ? trace_preempt_on+0x20/0xc0 [ 15.475073] ? __pfx_kthread+0x10/0x10 [ 15.475094] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.475116] ? calculate_sigpending+0x7b/0xa0 [ 15.475139] ? __pfx_kthread+0x10/0x10 [ 15.475161] ret_from_fork+0x116/0x1d0 [ 15.475179] ? __pfx_kthread+0x10/0x10 [ 15.475199] ret_from_fork_asm+0x1a/0x30 [ 15.475230] </TASK> [ 15.475240] [ 15.482470] Allocated by task 283: [ 15.482654] kasan_save_stack+0x45/0x70 [ 15.482858] kasan_save_track+0x18/0x40 [ 15.483023] kasan_save_alloc_info+0x3b/0x50 [ 15.483220] __kasan_kmalloc+0xb7/0xc0 [ 15.483381] __kmalloc_cache_noprof+0x189/0x420 [ 15.483585] kasan_atomics+0x95/0x310 [ 15.483787] kunit_try_run_case+0x1a5/0x480 [ 15.483944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.484120] kthread+0x337/0x6f0 [ 15.484241] ret_from_fork+0x116/0x1d0 [ 15.484373] ret_from_fork_asm+0x1a/0x30 [ 15.484513] [ 15.484583] The buggy address belongs to the object at ffff888102744f80 [ 15.484583] which belongs to the cache kmalloc-64 of size 64 [ 15.485084] The buggy address is located 0 bytes to the right of [ 15.485084] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.485626] [ 15.485777] The buggy address belongs to the physical page: [ 15.486037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.486387] flags: 0x200000000000000(node=0|zone=2) [ 15.486616] page_type: f5(slab) [ 15.486782] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.487030] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.487286] page dumped because: kasan: bad access detected [ 15.487541] [ 15.487637] Memory state around the buggy address: [ 15.488107] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 15.488426] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.488782] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.489054] ^ [ 15.489275] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.489554] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.489854] ================================================================== [ 16.214890] ================================================================== [ 16.215237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.215773] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.216108] [ 16.216196] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.216237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.216250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.216270] Call Trace: [ 16.216286] <TASK> [ 16.216301] dump_stack_lvl+0x73/0xb0 [ 16.216330] print_report+0xd1/0x610 [ 16.216377] ? __virt_addr_valid+0x1db/0x2d0 [ 16.216401] ? kasan_atomics_helper+0x5115/0x5450 [ 16.216424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.216447] ? kasan_atomics_helper+0x5115/0x5450 [ 16.216487] kasan_report+0x141/0x180 [ 16.216510] ? kasan_atomics_helper+0x5115/0x5450 [ 16.216536] __asan_report_load8_noabort+0x18/0x20 [ 16.216579] kasan_atomics_helper+0x5115/0x5450 [ 16.216602] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.216642] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.216666] ? trace_hardirqs_on+0x37/0xe0 [ 16.216689] ? kasan_atomics+0x152/0x310 [ 16.216716] kasan_atomics+0x1dc/0x310 [ 16.216739] ? __pfx_kasan_atomics+0x10/0x10 [ 16.216763] ? __pfx_kasan_atomics+0x10/0x10 [ 16.216790] kunit_try_run_case+0x1a5/0x480 [ 16.216814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.216836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.216859] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.216890] ? 
__kthread_parkme+0x82/0x180 [ 16.216922] ? preempt_count_sub+0x50/0x80 [ 16.216946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.216988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.217012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.217036] kthread+0x337/0x6f0 [ 16.217069] ? trace_preempt_on+0x20/0xc0 [ 16.217091] ? __pfx_kthread+0x10/0x10 [ 16.217112] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.217149] ? calculate_sigpending+0x7b/0xa0 [ 16.217186] ? __pfx_kthread+0x10/0x10 [ 16.217208] ret_from_fork+0x116/0x1d0 [ 16.217240] ? __pfx_kthread+0x10/0x10 [ 16.217274] ret_from_fork_asm+0x1a/0x30 [ 16.217318] </TASK> [ 16.217341] [ 16.225389] Allocated by task 283: [ 16.225518] kasan_save_stack+0x45/0x70 [ 16.225663] kasan_save_track+0x18/0x40 [ 16.225798] kasan_save_alloc_info+0x3b/0x50 [ 16.225958] __kasan_kmalloc+0xb7/0xc0 [ 16.226094] __kmalloc_cache_noprof+0x189/0x420 [ 16.226313] kasan_atomics+0x95/0x310 [ 16.226522] kunit_try_run_case+0x1a5/0x480 [ 16.226766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.227027] kthread+0x337/0x6f0 [ 16.227199] ret_from_fork+0x116/0x1d0 [ 16.227383] ret_from_fork_asm+0x1a/0x30 [ 16.227579] [ 16.227669] The buggy address belongs to the object at ffff888102744f80 [ 16.227669] which belongs to the cache kmalloc-64 of size 64 [ 16.228052] The buggy address is located 0 bytes to the right of [ 16.228052] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.228430] [ 16.228522] The buggy address belongs to the physical page: [ 16.228884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.229268] flags: 0x200000000000000(node=0|zone=2) [ 16.229521] page_type: f5(slab) [ 16.229726] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.230104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.230434] page dumped because: kasan: bad access detected [ 16.230643] [ 16.230777] Memory state around the buggy address: [ 16.231019] 
ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.231293] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.231605] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.231943] ^ [ 16.232178] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.232525] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.233068] ================================================================== [ 14.842570] ================================================================== [ 14.842798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.843038] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.843791] [ 14.843931] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.843974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.844006] Call Trace: [ 14.844019] <TASK> [ 14.844034] dump_stack_lvl+0x73/0xb0 [ 14.844061] print_report+0xd1/0x610 [ 14.844084] ? __virt_addr_valid+0x1db/0x2d0 [ 14.844105] ? kasan_atomics_helper+0x3df/0x5450 [ 14.844126] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.844148] ? kasan_atomics_helper+0x3df/0x5450 [ 14.844170] kasan_report+0x141/0x180 [ 14.844191] ? kasan_atomics_helper+0x3df/0x5450 [ 14.844218] kasan_check_range+0x10c/0x1c0 [ 14.844241] __kasan_check_read+0x15/0x20 [ 14.844260] kasan_atomics_helper+0x3df/0x5450 [ 14.844282] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.844304] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.844327] ? trace_hardirqs_on+0x37/0xe0 [ 14.844407] ? kasan_atomics+0x152/0x310 [ 14.844436] kasan_atomics+0x1dc/0x310 [ 14.844459] ? __pfx_kasan_atomics+0x10/0x10 [ 14.844507] ? __pfx_kasan_atomics+0x10/0x10 [ 14.844536] kunit_try_run_case+0x1a5/0x480 [ 14.844573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844597] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.844620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.844660] ? __kthread_parkme+0x82/0x180 [ 14.844681] ? preempt_count_sub+0x50/0x80 [ 14.844705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844775] kthread+0x337/0x6f0 [ 14.844795] ? trace_preempt_on+0x20/0xc0 [ 14.844819] ? __pfx_kthread+0x10/0x10 [ 14.844840] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.844861] ? calculate_sigpending+0x7b/0xa0 [ 14.844884] ? __pfx_kthread+0x10/0x10 [ 14.844918] ret_from_fork+0x116/0x1d0 [ 14.844937] ? __pfx_kthread+0x10/0x10 [ 14.844957] ret_from_fork_asm+0x1a/0x30 [ 14.844988] </TASK> [ 14.844999] [ 14.853841] Allocated by task 283: [ 14.854062] kasan_save_stack+0x45/0x70 [ 14.854255] kasan_save_track+0x18/0x40 [ 14.854517] kasan_save_alloc_info+0x3b/0x50 [ 14.854781] __kasan_kmalloc+0xb7/0xc0 [ 14.854969] __kmalloc_cache_noprof+0x189/0x420 [ 14.855184] kasan_atomics+0x95/0x310 [ 14.855516] kunit_try_run_case+0x1a5/0x480 [ 14.855949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.856212] kthread+0x337/0x6f0 [ 14.856393] ret_from_fork+0x116/0x1d0 [ 14.856656] ret_from_fork_asm+0x1a/0x30 [ 14.856860] [ 14.857036] The buggy address belongs to the object at ffff888102744f80 [ 14.857036] which belongs to the cache kmalloc-64 of size 64 [ 14.857481] The buggy address is located 0 bytes to the right of [ 14.857481] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.857929] [ 14.858005] The buggy address belongs to the physical page: [ 14.858420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 14.859312] flags: 0x200000000000000(node=0|zone=2) [ 14.860073] page_type: f5(slab) [ 14.860368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.860974] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.861205] page dumped because: kasan: 
bad access detected [ 14.861376] [ 14.861447] Memory state around the buggy address: [ 14.861727] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.861977] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.862267] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.862796] ^ [ 14.863014] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.863328] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.863860] ================================================================== [ 14.864287] ================================================================== [ 14.864672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.865004] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.865323] [ 14.865546] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.865591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.865603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.865624] Call Trace: [ 14.865640] <TASK> [ 14.865654] dump_stack_lvl+0x73/0xb0 [ 14.865682] print_report+0xd1/0x610 [ 14.865704] ? __virt_addr_valid+0x1db/0x2d0 [ 14.865748] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.865769] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.865791] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.865813] kasan_report+0x141/0x180 [ 14.865836] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.865863] __asan_report_load4_noabort+0x18/0x20 [ 14.865887] kasan_atomics_helper+0x4b54/0x5450 [ 14.865940] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.865964] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.865987] ? trace_hardirqs_on+0x37/0xe0 [ 14.866009] ? kasan_atomics+0x152/0x310 [ 14.866035] kasan_atomics+0x1dc/0x310 [ 14.866058] ? __pfx_kasan_atomics+0x10/0x10 [ 14.866081] ? __pfx_kasan_atomics+0x10/0x10 [ 14.866125] kunit_try_run_case+0x1a5/0x480 [ 14.866150] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.866172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.866195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.866219] ? __kthread_parkme+0x82/0x180 [ 14.866238] ? preempt_count_sub+0x50/0x80 [ 14.866261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.866285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.866326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.866350] kthread+0x337/0x6f0 [ 14.866370] ? trace_preempt_on+0x20/0xc0 [ 14.866391] ? __pfx_kthread+0x10/0x10 [ 14.866412] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.866433] ? calculate_sigpending+0x7b/0xa0 [ 14.866457] ? __pfx_kthread+0x10/0x10 [ 14.866478] ret_from_fork+0x116/0x1d0 [ 14.866497] ? __pfx_kthread+0x10/0x10 [ 14.866518] ret_from_fork_asm+0x1a/0x30 [ 14.866548] </TASK> [ 14.866559] [ 14.874854] Allocated by task 283: [ 14.875008] kasan_save_stack+0x45/0x70 [ 14.875163] kasan_save_track+0x18/0x40 [ 14.875529] kasan_save_alloc_info+0x3b/0x50 [ 14.875893] __kasan_kmalloc+0xb7/0xc0 [ 14.876091] __kmalloc_cache_noprof+0x189/0x420 [ 14.876313] kasan_atomics+0x95/0x310 [ 14.876629] kunit_try_run_case+0x1a5/0x480 [ 14.876947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.877122] kthread+0x337/0x6f0 [ 14.877239] ret_from_fork+0x116/0x1d0 [ 14.877367] ret_from_fork_asm+0x1a/0x30 [ 14.877504] [ 14.877700] The buggy address belongs to the object at ffff888102744f80 [ 14.877700] which belongs to the cache kmalloc-64 of size 64 [ 14.878779] The buggy address is located 0 bytes to the right of [ 14.878779] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.880222] [ 14.880466] The buggy address belongs to the physical page: [ 14.881047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 14.882192] flags: 0x200000000000000(node=0|zone=2) [ 14.882591] page_type: f5(slab) [ 14.882758] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.883476] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.884193] page dumped because: kasan: bad access detected [ 14.884475] [ 14.884659] Memory state around the buggy address: [ 14.885134] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.885881] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.886451] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.887009] ^ [ 14.887181] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.887756] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888412] ================================================================== [ 15.230954] ================================================================== [ 15.231791] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.232179] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.232608] [ 15.232835] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.232882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.232895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.232931] Call Trace: [ 15.232947] <TASK> [ 15.232964] dump_stack_lvl+0x73/0xb0 [ 15.232995] print_report+0xd1/0x610 [ 15.233017] ? __virt_addr_valid+0x1db/0x2d0 [ 15.233039] ? kasan_atomics_helper+0xc70/0x5450 [ 15.233060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.233082] ? kasan_atomics_helper+0xc70/0x5450 [ 15.233103] kasan_report+0x141/0x180 [ 15.233126] ? kasan_atomics_helper+0xc70/0x5450 [ 15.233152] kasan_check_range+0x10c/0x1c0 [ 15.233175] __kasan_check_write+0x18/0x20 [ 15.233194] kasan_atomics_helper+0xc70/0x5450 [ 15.233216] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.233238] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.233283] ? trace_hardirqs_on+0x37/0xe0 [ 15.233306] ? kasan_atomics+0x152/0x310 [ 15.233332] kasan_atomics+0x1dc/0x310 [ 15.233412] ? __pfx_kasan_atomics+0x10/0x10 [ 15.233437] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.233464] kunit_try_run_case+0x1a5/0x480 [ 15.233488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.233511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.233534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.233557] ? __kthread_parkme+0x82/0x180 [ 15.233578] ? preempt_count_sub+0x50/0x80 [ 15.233602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.233626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.233648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.233672] kthread+0x337/0x6f0 [ 15.233700] ? trace_preempt_on+0x20/0xc0 [ 15.233722] ? __pfx_kthread+0x10/0x10 [ 15.233742] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.233763] ? calculate_sigpending+0x7b/0xa0 [ 15.233786] ? __pfx_kthread+0x10/0x10 [ 15.233807] ret_from_fork+0x116/0x1d0 [ 15.233825] ? __pfx_kthread+0x10/0x10 [ 15.233847] ret_from_fork_asm+0x1a/0x30 [ 15.233877] </TASK> [ 15.233888] [ 15.248301] Allocated by task 283: [ 15.248776] kasan_save_stack+0x45/0x70 [ 15.249196] kasan_save_track+0x18/0x40 [ 15.249643] kasan_save_alloc_info+0x3b/0x50 [ 15.250082] __kasan_kmalloc+0xb7/0xc0 [ 15.250289] __kmalloc_cache_noprof+0x189/0x420 [ 15.250732] kasan_atomics+0x95/0x310 [ 15.251204] kunit_try_run_case+0x1a5/0x480 [ 15.251406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.251922] kthread+0x337/0x6f0 [ 15.252238] ret_from_fork+0x116/0x1d0 [ 15.252536] ret_from_fork_asm+0x1a/0x30 [ 15.253100] [ 15.253273] The buggy address belongs to the object at ffff888102744f80 [ 15.253273] which belongs to the cache kmalloc-64 of size 64 [ 15.254349] The buggy address is located 0 bytes to the right of [ 15.254349] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.255028] [ 15.255112] The buggy address belongs to the physical page: [ 15.255288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.255555] flags: 0x200000000000000(node=0|zone=2) [ 15.256033] page_type: f5(slab) [ 15.256202] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.256681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.257069] page dumped because: kasan: bad access detected [ 15.257258] [ 15.257427] Memory state around the buggy address: [ 15.257664] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.257892] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.258442] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.258750] ^ [ 15.258993] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.259277] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259693] ================================================================== [ 15.201246] ================================================================== [ 15.201995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.202339] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.202755] [ 15.202867] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.202921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.202934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.202955] Call Trace: [ 15.202971] <TASK> [ 15.202986] dump_stack_lvl+0x73/0xb0 [ 15.203014] print_report+0xd1/0x610 [ 15.203035] ? __virt_addr_valid+0x1db/0x2d0 [ 15.203060] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.203081] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.203103] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.203124] kasan_report+0x141/0x180 [ 15.203146] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.203172] kasan_check_range+0x10c/0x1c0 [ 15.203195] __kasan_check_write+0x18/0x20 [ 15.203214] kasan_atomics_helper+0xb6a/0x5450 [ 15.203236] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.203258] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.203281] ? trace_hardirqs_on+0x37/0xe0 [ 15.203302] ? 
kasan_atomics+0x152/0x310 [ 15.203328] kasan_atomics+0x1dc/0x310 [ 15.203350] ? __pfx_kasan_atomics+0x10/0x10 [ 15.203374] ? __pfx_kasan_atomics+0x10/0x10 [ 15.203577] kunit_try_run_case+0x1a5/0x480 [ 15.203607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203630] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.203654] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.203678] ? __kthread_parkme+0x82/0x180 [ 15.203697] ? preempt_count_sub+0x50/0x80 [ 15.203720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.203767] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.203790] kthread+0x337/0x6f0 [ 15.203810] ? trace_preempt_on+0x20/0xc0 [ 15.203832] ? __pfx_kthread+0x10/0x10 [ 15.203853] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.203875] ? calculate_sigpending+0x7b/0xa0 [ 15.203899] ? __pfx_kthread+0x10/0x10 [ 15.203934] ret_from_fork+0x116/0x1d0 [ 15.203952] ? __pfx_kthread+0x10/0x10 [ 15.203973] ret_from_fork_asm+0x1a/0x30 [ 15.204003] </TASK> [ 15.204014] [ 15.212810] Allocated by task 283: [ 15.212978] kasan_save_stack+0x45/0x70 [ 15.213129] kasan_save_track+0x18/0x40 [ 15.213266] kasan_save_alloc_info+0x3b/0x50 [ 15.214353] __kasan_kmalloc+0xb7/0xc0 [ 15.215364] __kmalloc_cache_noprof+0x189/0x420 [ 15.215939] kasan_atomics+0x95/0x310 [ 15.216448] kunit_try_run_case+0x1a5/0x480 [ 15.217213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.217926] kthread+0x337/0x6f0 [ 15.218428] ret_from_fork+0x116/0x1d0 [ 15.218579] ret_from_fork_asm+0x1a/0x30 [ 15.219148] [ 15.219255] The buggy address belongs to the object at ffff888102744f80 [ 15.219255] which belongs to the cache kmalloc-64 of size 64 [ 15.220542] The buggy address is located 0 bytes to the right of [ 15.220542] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.221633] [ 15.221730] The buggy address belongs to the physical page: [ 15.222275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.223081] flags: 
0x200000000000000(node=0|zone=2) [ 15.223251] page_type: f5(slab) [ 15.223425] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.224920] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.225610] page dumped because: kasan: bad access detected [ 15.225971] [ 15.226049] Memory state around the buggy address: [ 15.226205] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.226415] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.226625] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.227673] ^ [ 15.228160] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.229084] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.229817] ================================================================== [ 15.881516] ================================================================== [ 15.881900] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.882252] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.882608] [ 15.882744] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.882786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.882798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.882819] Call Trace: [ 15.882834] <TASK> [ 15.882848] dump_stack_lvl+0x73/0xb0 [ 15.882876] print_report+0xd1/0x610 [ 15.882898] ? __virt_addr_valid+0x1db/0x2d0 [ 15.882930] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.882951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.882973] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.882996] kasan_report+0x141/0x180 [ 15.883017] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.883043] kasan_check_range+0x10c/0x1c0 [ 15.883071] __kasan_check_write+0x18/0x20 [ 15.883090] kasan_atomics_helper+0x1c18/0x5450 [ 15.883113] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.883135] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.883158] ? trace_hardirqs_on+0x37/0xe0 [ 15.883179] ? kasan_atomics+0x152/0x310 [ 15.883206] kasan_atomics+0x1dc/0x310 [ 15.883228] ? __pfx_kasan_atomics+0x10/0x10 [ 15.883251] ? __pfx_kasan_atomics+0x10/0x10 [ 15.883277] kunit_try_run_case+0x1a5/0x480 [ 15.883301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.883324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.883347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.883370] ? __kthread_parkme+0x82/0x180 [ 15.883390] ? preempt_count_sub+0x50/0x80 [ 15.883413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.883437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.883460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.883483] kthread+0x337/0x6f0 [ 15.883502] ? trace_preempt_on+0x20/0xc0 [ 15.883524] ? __pfx_kthread+0x10/0x10 [ 15.883546] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.883566] ? calculate_sigpending+0x7b/0xa0 [ 15.883590] ? __pfx_kthread+0x10/0x10 [ 15.883612] ret_from_fork+0x116/0x1d0 [ 15.883631] ? 
__pfx_kthread+0x10/0x10 [ 15.883652] ret_from_fork_asm+0x1a/0x30 [ 15.883703] </TASK> [ 15.883714] [ 15.892800] Allocated by task 283: [ 15.893158] kasan_save_stack+0x45/0x70 [ 15.893510] kasan_save_track+0x18/0x40 [ 15.893873] kasan_save_alloc_info+0x3b/0x50 [ 15.894263] __kasan_kmalloc+0xb7/0xc0 [ 15.894592] __kmalloc_cache_noprof+0x189/0x420 [ 15.895014] kasan_atomics+0x95/0x310 [ 15.895345] kunit_try_run_case+0x1a5/0x480 [ 15.895612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.896079] kthread+0x337/0x6f0 [ 15.896371] ret_from_fork+0x116/0x1d0 [ 15.896535] ret_from_fork_asm+0x1a/0x30 [ 15.896712] [ 15.896871] The buggy address belongs to the object at ffff888102744f80 [ 15.896871] which belongs to the cache kmalloc-64 of size 64 [ 15.897890] The buggy address is located 0 bytes to the right of [ 15.897890] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.898516] [ 15.898593] The buggy address belongs to the physical page: [ 15.898999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.899690] flags: 0x200000000000000(node=0|zone=2) [ 15.900112] page_type: f5(slab) [ 15.900399] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.901071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.901534] page dumped because: kasan: bad access detected [ 15.901800] [ 15.901977] Memory state around the buggy address: [ 15.902388] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.903020] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.903383] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.903598] ^ [ 15.903950] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.904549] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.905168] ================================================================== [ 16.113752] 
================================================================== [ 16.114224] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.114962] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.115334] [ 16.115595] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.115644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.115677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.115699] Call Trace: [ 16.115727] <TASK> [ 16.115742] dump_stack_lvl+0x73/0xb0 [ 16.115773] print_report+0xd1/0x610 [ 16.115981] ? __virt_addr_valid+0x1db/0x2d0 [ 16.116005] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.116027] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.116049] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.116071] kasan_report+0x141/0x180 [ 16.116093] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.116120] kasan_check_range+0x10c/0x1c0 [ 16.116143] __kasan_check_write+0x18/0x20 [ 16.116162] kasan_atomics_helper+0x20c8/0x5450 [ 16.116185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.116207] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.116231] ? trace_hardirqs_on+0x37/0xe0 [ 16.116253] ? kasan_atomics+0x152/0x310 [ 16.116280] kasan_atomics+0x1dc/0x310 [ 16.116302] ? __pfx_kasan_atomics+0x10/0x10 [ 16.116326] ? __pfx_kasan_atomics+0x10/0x10 [ 16.116353] kunit_try_run_case+0x1a5/0x480 [ 16.116378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.116401] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.116425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.116448] ? __kthread_parkme+0x82/0x180 [ 16.116468] ? preempt_count_sub+0x50/0x80 [ 16.116492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.116516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.116539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.116563] kthread+0x337/0x6f0 [ 16.116582] ? trace_preempt_on+0x20/0xc0 [ 16.116605] ? __pfx_kthread+0x10/0x10 [ 16.116625] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.116646] ? 
calculate_sigpending+0x7b/0xa0 [ 16.116669] ? __pfx_kthread+0x10/0x10 [ 16.116699] ret_from_fork+0x116/0x1d0 [ 16.116718] ? __pfx_kthread+0x10/0x10 [ 16.116739] ret_from_fork_asm+0x1a/0x30 [ 16.116769] </TASK> [ 16.116781] [ 16.127256] Allocated by task 283: [ 16.127451] kasan_save_stack+0x45/0x70 [ 16.127931] kasan_save_track+0x18/0x40 [ 16.128147] kasan_save_alloc_info+0x3b/0x50 [ 16.128464] __kasan_kmalloc+0xb7/0xc0 [ 16.128658] __kmalloc_cache_noprof+0x189/0x420 [ 16.129030] kasan_atomics+0x95/0x310 [ 16.129254] kunit_try_run_case+0x1a5/0x480 [ 16.129523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.129960] kthread+0x337/0x6f0 [ 16.130226] ret_from_fork+0x116/0x1d0 [ 16.130371] ret_from_fork_asm+0x1a/0x30 [ 16.130707] [ 16.130811] The buggy address belongs to the object at ffff888102744f80 [ 16.130811] which belongs to the cache kmalloc-64 of size 64 [ 16.131467] The buggy address is located 0 bytes to the right of [ 16.131467] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.132262] [ 16.132367] The buggy address belongs to the physical page: [ 16.132838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.133201] flags: 0x200000000000000(node=0|zone=2) [ 16.133425] page_type: f5(slab) [ 16.133579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.134147] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.134540] page dumped because: kasan: bad access detected [ 16.134888] [ 16.135003] Memory state around the buggy address: [ 16.135374] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.135716] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.136203] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.136536] ^ [ 16.136893] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.137313] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137698] 
================================================================== [ 16.041033] ================================================================== [ 16.041674] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.042149] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.042521] [ 16.042893] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.042973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.042986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.043023] Call Trace: [ 16.043057] <TASK> [ 16.043073] dump_stack_lvl+0x73/0xb0 [ 16.043117] print_report+0xd1/0x610 [ 16.043140] ? __virt_addr_valid+0x1db/0x2d0 [ 16.043176] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.043432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.043455] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.043478] kasan_report+0x141/0x180 [ 16.043501] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.043528] __asan_report_load8_noabort+0x18/0x20 [ 16.043552] kasan_atomics_helper+0x4f71/0x5450 [ 16.043574] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.043596] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.043621] ? trace_hardirqs_on+0x37/0xe0 [ 16.043643] ? kasan_atomics+0x152/0x310 [ 16.043669] kasan_atomics+0x1dc/0x310 [ 16.043700] ? __pfx_kasan_atomics+0x10/0x10 [ 16.043724] ? __pfx_kasan_atomics+0x10/0x10 [ 16.043751] kunit_try_run_case+0x1a5/0x480 [ 16.043774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.043796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.043820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.043842] ? __kthread_parkme+0x82/0x180 [ 16.043862] ? preempt_count_sub+0x50/0x80 [ 16.043885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.043922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.043945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.043969] kthread+0x337/0x6f0 [ 16.043988] ? trace_preempt_on+0x20/0xc0 [ 16.044010] ? __pfx_kthread+0x10/0x10 [ 16.044031] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.044051] ? calculate_sigpending+0x7b/0xa0 [ 16.044074] ? __pfx_kthread+0x10/0x10 [ 16.044096] ret_from_fork+0x116/0x1d0 [ 16.044115] ? __pfx_kthread+0x10/0x10 [ 16.044136] ret_from_fork_asm+0x1a/0x30 [ 16.044166] </TASK> [ 16.044177] [ 16.054786] Allocated by task 283: [ 16.055003] kasan_save_stack+0x45/0x70 [ 16.055460] kasan_save_track+0x18/0x40 [ 16.055666] kasan_save_alloc_info+0x3b/0x50 [ 16.055986] __kasan_kmalloc+0xb7/0xc0 [ 16.056289] __kmalloc_cache_noprof+0x189/0x420 [ 16.056590] kasan_atomics+0x95/0x310 [ 16.056818] kunit_try_run_case+0x1a5/0x480 [ 16.057165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.057508] kthread+0x337/0x6f0 [ 16.057761] ret_from_fork+0x116/0x1d0 [ 16.057986] ret_from_fork_asm+0x1a/0x30 [ 16.058318] [ 16.058448] The buggy address belongs to the object at ffff888102744f80 [ 16.058448] which belongs to the cache kmalloc-64 of size 64 [ 16.059169] The buggy address is located 0 bytes to the right of [ 16.059169] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.059982] [ 16.060203] The buggy address belongs to the physical page: [ 16.060443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.061047] flags: 0x200000000000000(node=0|zone=2) [ 16.061263] page_type: f5(slab) [ 16.061411] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.061972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.062309] page dumped because: kasan: bad access detected [ 16.062689] [ 16.062857] Memory state around the buggy address: [ 16.063253] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.063634] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.064099] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.064433] ^ [ 16.064756] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.065200] ffff888102745080: fb fb fb fc fc fc fc fc fc fc 
fc fc fc fc fc fc [ 16.065522] ================================================================== [ 15.086048] ================================================================== [ 15.086637] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 15.087344] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.087588] [ 15.087676] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.087720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.087733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.087754] Call Trace: [ 15.087771] <TASK> [ 15.087786] dump_stack_lvl+0x73/0xb0 [ 15.087815] print_report+0xd1/0x610 [ 15.087839] ? __virt_addr_valid+0x1db/0x2d0 [ 15.087864] ? kasan_atomics_helper+0x860/0x5450 [ 15.087885] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.087918] ? kasan_atomics_helper+0x860/0x5450 [ 15.087941] kasan_report+0x141/0x180 [ 15.087963] ? kasan_atomics_helper+0x860/0x5450 [ 15.087990] kasan_check_range+0x10c/0x1c0 [ 15.088014] __kasan_check_write+0x18/0x20 [ 15.088033] kasan_atomics_helper+0x860/0x5450 [ 15.088055] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.088077] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.088101] ? trace_hardirqs_on+0x37/0xe0 [ 15.088124] ? kasan_atomics+0x152/0x310 [ 15.088151] kasan_atomics+0x1dc/0x310 [ 15.088173] ? __pfx_kasan_atomics+0x10/0x10 [ 15.088197] ? __pfx_kasan_atomics+0x10/0x10 [ 15.088224] kunit_try_run_case+0x1a5/0x480 [ 15.088249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.088271] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.088326] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.088350] ? __kthread_parkme+0x82/0x180 [ 15.088371] ? preempt_count_sub+0x50/0x80 [ 15.088395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.088418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.088442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.088465] kthread+0x337/0x6f0 [ 15.088484] ? 
trace_preempt_on+0x20/0xc0 [ 15.088506] ? __pfx_kthread+0x10/0x10 [ 15.088537] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.088559] ? calculate_sigpending+0x7b/0xa0 [ 15.088583] ? __pfx_kthread+0x10/0x10 [ 15.088604] ret_from_fork+0x116/0x1d0 [ 15.088624] ? __pfx_kthread+0x10/0x10 [ 15.088644] ret_from_fork_asm+0x1a/0x30 [ 15.088674] </TASK> [ 15.088685] [ 15.099948] Allocated by task 283: [ 15.100252] kasan_save_stack+0x45/0x70 [ 15.100634] kasan_save_track+0x18/0x40 [ 15.100858] kasan_save_alloc_info+0x3b/0x50 [ 15.101293] __kasan_kmalloc+0xb7/0xc0 [ 15.101636] __kmalloc_cache_noprof+0x189/0x420 [ 15.101820] kasan_atomics+0x95/0x310 [ 15.102175] kunit_try_run_case+0x1a5/0x480 [ 15.102479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.102697] kthread+0x337/0x6f0 [ 15.103127] ret_from_fork+0x116/0x1d0 [ 15.103520] ret_from_fork_asm+0x1a/0x30 [ 15.103681] [ 15.103804] The buggy address belongs to the object at ffff888102744f80 [ 15.103804] which belongs to the cache kmalloc-64 of size 64 [ 15.104317] The buggy address is located 0 bytes to the right of [ 15.104317] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.105176] [ 15.105261] The buggy address belongs to the physical page: [ 15.105749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.106193] flags: 0x200000000000000(node=0|zone=2) [ 15.106497] page_type: f5(slab) [ 15.106705] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.107318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.108012] page dumped because: kasan: bad access detected [ 15.108219] [ 15.108318] Memory state around the buggy address: [ 15.108670] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.109228] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.109785] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.110285] ^ [ 15.110605] ffff888102745000: fa fb fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb [ 15.110942] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111276] ================================================================== [ 15.543841] ================================================================== [ 15.544191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.544876] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.545229] [ 15.545348] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.545390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.545401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.545422] Call Trace: [ 15.545437] <TASK> [ 15.545452] dump_stack_lvl+0x73/0xb0 [ 15.545481] print_report+0xd1/0x610 [ 15.545503] ? __virt_addr_valid+0x1db/0x2d0 [ 15.545526] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.545547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.545570] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.545593] kasan_report+0x141/0x180 [ 15.545615] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.545641] __asan_report_load4_noabort+0x18/0x20 [ 15.545665] kasan_atomics_helper+0x49ce/0x5450 [ 15.545699] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.545722] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.545745] ? trace_hardirqs_on+0x37/0xe0 [ 15.545767] ? kasan_atomics+0x152/0x310 [ 15.545794] kasan_atomics+0x1dc/0x310 [ 15.545816] ? __pfx_kasan_atomics+0x10/0x10 [ 15.545839] ? __pfx_kasan_atomics+0x10/0x10 [ 15.545865] kunit_try_run_case+0x1a5/0x480 [ 15.545889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.545922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.545945] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.545968] ? __kthread_parkme+0x82/0x180 [ 15.545988] ? preempt_count_sub+0x50/0x80 [ 15.546011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.546035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.546057] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.546081] kthread+0x337/0x6f0 [ 15.546101] ? trace_preempt_on+0x20/0xc0 [ 15.546122] ? __pfx_kthread+0x10/0x10 [ 15.546143] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.546164] ? calculate_sigpending+0x7b/0xa0 [ 15.546188] ? __pfx_kthread+0x10/0x10 [ 15.546209] ret_from_fork+0x116/0x1d0 [ 15.546228] ? __pfx_kthread+0x10/0x10 [ 15.546250] ret_from_fork_asm+0x1a/0x30 [ 15.546280] </TASK> [ 15.546291] [ 15.558768] Allocated by task 283: [ 15.559117] kasan_save_stack+0x45/0x70 [ 15.559422] kasan_save_track+0x18/0x40 [ 15.559579] kasan_save_alloc_info+0x3b/0x50 [ 15.559934] __kasan_kmalloc+0xb7/0xc0 [ 15.560210] __kmalloc_cache_noprof+0x189/0x420 [ 15.560417] kasan_atomics+0x95/0x310 [ 15.560601] kunit_try_run_case+0x1a5/0x480 [ 15.561019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.561359] kthread+0x337/0x6f0 [ 15.561528] ret_from_fork+0x116/0x1d0 [ 15.561879] ret_from_fork_asm+0x1a/0x30 [ 15.562186] [ 15.562265] The buggy address belongs to the object at ffff888102744f80 [ 15.562265] which belongs to the cache kmalloc-64 of size 64 [ 15.563094] The buggy address is located 0 bytes to the right of [ 15.563094] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.563755] [ 15.563840] The buggy address belongs to the physical page: [ 15.564234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.564662] flags: 0x200000000000000(node=0|zone=2) [ 15.565012] page_type: f5(slab) [ 15.565165] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.565504] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.566077] page dumped because: kasan: bad access detected [ 15.566274] [ 15.566521] Memory state around the buggy address: [ 15.566863] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.567318] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.567701] >ffff888102744f80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.568099] ^ [ 15.568425] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.568813] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569184] ================================================================== [ 15.161102] ================================================================== [ 15.161803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.162099] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.162326] [ 15.162408] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.162449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.162462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.162482] Call Trace: [ 15.162496] <TASK> [ 15.162509] dump_stack_lvl+0x73/0xb0 [ 15.162536] print_report+0xd1/0x610 [ 15.162557] ? __virt_addr_valid+0x1db/0x2d0 [ 15.162581] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.162601] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.162623] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.162645] kasan_report+0x141/0x180 [ 15.162666] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.162692] kasan_check_range+0x10c/0x1c0 [ 15.162715] __kasan_check_write+0x18/0x20 [ 15.162735] kasan_atomics_helper+0xa2b/0x5450 [ 15.162757] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.162787] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.162811] ? trace_hardirqs_on+0x37/0xe0 [ 15.162833] ? kasan_atomics+0x152/0x310 [ 15.162859] kasan_atomics+0x1dc/0x310 [ 15.162882] ? __pfx_kasan_atomics+0x10/0x10 [ 15.162916] ? __pfx_kasan_atomics+0x10/0x10 [ 15.162943] kunit_try_run_case+0x1a5/0x480 [ 15.162967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.162989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.163012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.163036] ? __kthread_parkme+0x82/0x180 [ 15.163062] ? preempt_count_sub+0x50/0x80 [ 15.163086] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.163109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.163134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.163160] kthread+0x337/0x6f0 [ 15.163182] ? trace_preempt_on+0x20/0xc0 [ 15.163205] ? __pfx_kthread+0x10/0x10 [ 15.163225] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.163246] ? calculate_sigpending+0x7b/0xa0 [ 15.163270] ? __pfx_kthread+0x10/0x10 [ 15.163293] ret_from_fork+0x116/0x1d0 [ 15.163311] ? __pfx_kthread+0x10/0x10 [ 15.163331] ret_from_fork_asm+0x1a/0x30 [ 15.163373] </TASK> [ 15.163384] [ 15.171660] Allocated by task 283: [ 15.171789] kasan_save_stack+0x45/0x70 [ 15.172107] kasan_save_track+0x18/0x40 [ 15.172306] kasan_save_alloc_info+0x3b/0x50 [ 15.172517] __kasan_kmalloc+0xb7/0xc0 [ 15.172702] __kmalloc_cache_noprof+0x189/0x420 [ 15.172985] kasan_atomics+0x95/0x310 [ 15.173294] kunit_try_run_case+0x1a5/0x480 [ 15.173440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.173615] kthread+0x337/0x6f0 [ 15.173735] ret_from_fork+0x116/0x1d0 [ 15.173866] ret_from_fork_asm+0x1a/0x30 [ 15.174025] [ 15.174095] The buggy address belongs to the object at ffff888102744f80 [ 15.174095] which belongs to the cache kmalloc-64 of size 64 [ 15.175254] The buggy address is located 0 bytes to the right of [ 15.175254] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.175806] [ 15.175936] The buggy address belongs to the physical page: [ 15.176215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.176853] flags: 0x200000000000000(node=0|zone=2) [ 15.177040] page_type: f5(slab) [ 15.177209] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.177479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.177706] page dumped because: kasan: bad access detected [ 15.177878] [ 15.177957] Memory state around the buggy address: [ 15.178113] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.178331] 
ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.178547] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.178764] ^ [ 15.178948] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.179274] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.179588] ================================================================== [ 16.138815] ================================================================== [ 16.139158] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.139766] Read of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.140220] [ 16.140349] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.140410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.140423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.140444] Call Trace: [ 16.140461] <TASK> [ 16.140476] dump_stack_lvl+0x73/0xb0 [ 16.140506] print_report+0xd1/0x610 [ 16.140528] ? __virt_addr_valid+0x1db/0x2d0 [ 16.140550] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.140571] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.140594] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.140616] kasan_report+0x141/0x180 [ 16.140637] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.140664] __asan_report_load8_noabort+0x18/0x20 [ 16.140688] kasan_atomics_helper+0x4fb2/0x5450 [ 16.140710] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.140732] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.140755] ? trace_hardirqs_on+0x37/0xe0 [ 16.140777] ? kasan_atomics+0x152/0x310 [ 16.140803] kasan_atomics+0x1dc/0x310 [ 16.140826] ? __pfx_kasan_atomics+0x10/0x10 [ 16.140849] ? __pfx_kasan_atomics+0x10/0x10 [ 16.140876] kunit_try_run_case+0x1a5/0x480 [ 16.140900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.140934] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.140957] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.140981] ? __kthread_parkme+0x82/0x180 [ 16.141001] ? 
preempt_count_sub+0x50/0x80 [ 16.141024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.141048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.141071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.141094] kthread+0x337/0x6f0 [ 16.141114] ? trace_preempt_on+0x20/0xc0 [ 16.141136] ? __pfx_kthread+0x10/0x10 [ 16.141156] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.141177] ? calculate_sigpending+0x7b/0xa0 [ 16.141201] ? __pfx_kthread+0x10/0x10 [ 16.141223] ret_from_fork+0x116/0x1d0 [ 16.141241] ? __pfx_kthread+0x10/0x10 [ 16.141261] ret_from_fork_asm+0x1a/0x30 [ 16.141292] </TASK> [ 16.141303] [ 16.149064] Allocated by task 283: [ 16.149245] kasan_save_stack+0x45/0x70 [ 16.149407] kasan_save_track+0x18/0x40 [ 16.149582] kasan_save_alloc_info+0x3b/0x50 [ 16.149875] __kasan_kmalloc+0xb7/0xc0 [ 16.150076] __kmalloc_cache_noprof+0x189/0x420 [ 16.150290] kasan_atomics+0x95/0x310 [ 16.150428] kunit_try_run_case+0x1a5/0x480 [ 16.150615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.151012] kthread+0x337/0x6f0 [ 16.151191] ret_from_fork+0x116/0x1d0 [ 16.151355] ret_from_fork_asm+0x1a/0x30 [ 16.151572] [ 16.151667] The buggy address belongs to the object at ffff888102744f80 [ 16.151667] which belongs to the cache kmalloc-64 of size 64 [ 16.152152] The buggy address is located 0 bytes to the right of [ 16.152152] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.152724] [ 16.152830] The buggy address belongs to the physical page: [ 16.153108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.153465] flags: 0x200000000000000(node=0|zone=2) [ 16.153696] page_type: f5(slab) [ 16.153863] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.154209] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.154545] page dumped because: kasan: bad access detected [ 16.154931] [ 16.155003] Memory state around the buggy address: [ 16.155163] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc 
fc fc fc fc fc fc [ 16.155460] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.155891] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.156193] ^ [ 16.156388] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.156693] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.157005] ================================================================== [ 15.803944] ================================================================== [ 15.804581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.805229] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.805859] [ 15.806043] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.806088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.806100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.806121] Call Trace: [ 15.806137] <TASK> [ 15.806152] dump_stack_lvl+0x73/0xb0 [ 15.806180] print_report+0xd1/0x610 [ 15.806201] ? __virt_addr_valid+0x1db/0x2d0 [ 15.806223] ? kasan_atomics_helper+0x194a/0x5450 [ 15.806244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.806266] ? kasan_atomics_helper+0x194a/0x5450 [ 15.806287] kasan_report+0x141/0x180 [ 15.806309] ? kasan_atomics_helper+0x194a/0x5450 [ 15.806335] kasan_check_range+0x10c/0x1c0 [ 15.806359] __kasan_check_write+0x18/0x20 [ 15.806378] kasan_atomics_helper+0x194a/0x5450 [ 15.806400] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.806422] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.806446] ? trace_hardirqs_on+0x37/0xe0 [ 15.806467] ? kasan_atomics+0x152/0x310 [ 15.806494] kasan_atomics+0x1dc/0x310 [ 15.806516] ? __pfx_kasan_atomics+0x10/0x10 [ 15.806540] ? __pfx_kasan_atomics+0x10/0x10 [ 15.806567] kunit_try_run_case+0x1a5/0x480 [ 15.806592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.806615] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.806638] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.806661] ? __kthread_parkme+0x82/0x180 [ 15.806704] ? preempt_count_sub+0x50/0x80 [ 15.806727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.806752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.806775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.806798] kthread+0x337/0x6f0 [ 15.806818] ? trace_preempt_on+0x20/0xc0 [ 15.806840] ? __pfx_kthread+0x10/0x10 [ 15.806861] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.806882] ? calculate_sigpending+0x7b/0xa0 [ 15.806914] ? __pfx_kthread+0x10/0x10 [ 15.806936] ret_from_fork+0x116/0x1d0 [ 15.806954] ? __pfx_kthread+0x10/0x10 [ 15.806975] ret_from_fork_asm+0x1a/0x30 [ 15.807006] </TASK> [ 15.807016] [ 15.819643] Allocated by task 283: [ 15.820000] kasan_save_stack+0x45/0x70 [ 15.820352] kasan_save_track+0x18/0x40 [ 15.820721] kasan_save_alloc_info+0x3b/0x50 [ 15.821080] __kasan_kmalloc+0xb7/0xc0 [ 15.821214] __kmalloc_cache_noprof+0x189/0x420 [ 15.821369] kasan_atomics+0x95/0x310 [ 15.821503] kunit_try_run_case+0x1a5/0x480 [ 15.821651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.822139] kthread+0x337/0x6f0 [ 15.822440] ret_from_fork+0x116/0x1d0 [ 15.822817] ret_from_fork_asm+0x1a/0x30 [ 15.823188] [ 15.823345] The buggy address belongs to the object at ffff888102744f80 [ 15.823345] which belongs to the cache kmalloc-64 of size 64 [ 15.824398] The buggy address is located 0 bytes to the right of [ 15.824398] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.825342] [ 15.825416] The buggy address belongs to the physical page: [ 15.825591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.825839] flags: 0x200000000000000(node=0|zone=2) [ 15.826017] page_type: f5(slab) [ 15.826139] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.826486] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.826788] page dumped because: kasan: bad access detected [ 15.826999] [ 15.827097] 
Memory state around the buggy address: [ 15.827330] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.827652] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.827928] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.828201] ^ [ 15.828423] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.828723] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.829010] ================================================================== [ 15.776507] ================================================================== [ 15.777043] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.777737] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.778356] [ 15.778529] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.778573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.778585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.778606] Call Trace: [ 15.778621] <TASK> [ 15.778636] dump_stack_lvl+0x73/0xb0 [ 15.778686] print_report+0xd1/0x610 [ 15.778709] ? __virt_addr_valid+0x1db/0x2d0 [ 15.778731] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.778752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.778775] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.778796] kasan_report+0x141/0x180 [ 15.778818] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.778844] kasan_check_range+0x10c/0x1c0 [ 15.778868] __kasan_check_write+0x18/0x20 [ 15.778886] kasan_atomics_helper+0x18b1/0x5450 [ 15.778919] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.778940] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.778964] ? trace_hardirqs_on+0x37/0xe0 [ 15.778986] ? kasan_atomics+0x152/0x310 [ 15.779012] kasan_atomics+0x1dc/0x310 [ 15.779035] ? __pfx_kasan_atomics+0x10/0x10 [ 15.779062] ? __pfx_kasan_atomics+0x10/0x10 [ 15.779089] kunit_try_run_case+0x1a5/0x480 [ 15.779113] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.779135] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.779159] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.779183] ? __kthread_parkme+0x82/0x180 [ 15.779203] ? preempt_count_sub+0x50/0x80 [ 15.779227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.779251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.779274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.779298] kthread+0x337/0x6f0 [ 15.779317] ? trace_preempt_on+0x20/0xc0 [ 15.779338] ? __pfx_kthread+0x10/0x10 [ 15.779359] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.779381] ? calculate_sigpending+0x7b/0xa0 [ 15.779404] ? __pfx_kthread+0x10/0x10 [ 15.779426] ret_from_fork+0x116/0x1d0 [ 15.779444] ? __pfx_kthread+0x10/0x10 [ 15.779465] ret_from_fork_asm+0x1a/0x30 [ 15.779496] </TASK> [ 15.779507] [ 15.791496] Allocated by task 283: [ 15.791834] kasan_save_stack+0x45/0x70 [ 15.792191] kasan_save_track+0x18/0x40 [ 15.792528] kasan_save_alloc_info+0x3b/0x50 [ 15.792936] __kasan_kmalloc+0xb7/0xc0 [ 15.793264] __kmalloc_cache_noprof+0x189/0x420 [ 15.793678] kasan_atomics+0x95/0x310 [ 15.794021] kunit_try_run_case+0x1a5/0x480 [ 15.794397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.794874] kthread+0x337/0x6f0 [ 15.795182] ret_from_fork+0x116/0x1d0 [ 15.795512] ret_from_fork_asm+0x1a/0x30 [ 15.795860] [ 15.795945] The buggy address belongs to the object at ffff888102744f80 [ 15.795945] which belongs to the cache kmalloc-64 of size 64 [ 15.796299] The buggy address is located 0 bytes to the right of [ 15.796299] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.796688] [ 15.796848] The buggy address belongs to the physical page: [ 15.797326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.798019] flags: 0x200000000000000(node=0|zone=2) [ 15.798440] page_type: f5(slab) [ 15.798751] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.799408] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.800086] page dumped because: kasan: bad access detected [ 15.800567] [ 15.800743] Memory state around the buggy address: [ 15.801162] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.801733] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.801961] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.802176] ^ [ 15.802330] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.802545] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.802968] ================================================================== [ 16.196062] ================================================================== [ 16.196590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.196983] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.197303] [ 16.197430] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.197473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.197486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.197507] Call Trace: [ 16.197521] <TASK> [ 16.197536] dump_stack_lvl+0x73/0xb0 [ 16.197563] print_report+0xd1/0x610 [ 16.197585] ? __virt_addr_valid+0x1db/0x2d0 [ 16.197607] ? kasan_atomics_helper+0x224c/0x5450 [ 16.197628] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.197651] ? kasan_atomics_helper+0x224c/0x5450 [ 16.197700] kasan_report+0x141/0x180 [ 16.197722] ? kasan_atomics_helper+0x224c/0x5450 [ 16.197749] kasan_check_range+0x10c/0x1c0 [ 16.197790] __kasan_check_write+0x18/0x20 [ 16.197809] kasan_atomics_helper+0x224c/0x5450 [ 16.197832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.197854] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.197878] ? trace_hardirqs_on+0x37/0xe0 [ 16.197900] ? kasan_atomics+0x152/0x310 [ 16.197940] kasan_atomics+0x1dc/0x310 [ 16.197981] ? __pfx_kasan_atomics+0x10/0x10 [ 16.198005] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.198032] kunit_try_run_case+0x1a5/0x480 [ 16.198055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.198078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.198101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.198142] ? __kthread_parkme+0x82/0x180 [ 16.198162] ? preempt_count_sub+0x50/0x80 [ 16.198199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.198238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.198274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.198311] kthread+0x337/0x6f0 [ 16.198331] ? trace_preempt_on+0x20/0xc0 [ 16.198366] ? __pfx_kthread+0x10/0x10 [ 16.198400] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.198435] ? calculate_sigpending+0x7b/0xa0 [ 16.198472] ? __pfx_kthread+0x10/0x10 [ 16.198507] ret_from_fork+0x116/0x1d0 [ 16.198539] ? __pfx_kthread+0x10/0x10 [ 16.198574] ret_from_fork_asm+0x1a/0x30 [ 16.198617] </TASK> [ 16.198640] [ 16.206284] Allocated by task 283: [ 16.206470] kasan_save_stack+0x45/0x70 [ 16.206667] kasan_save_track+0x18/0x40 [ 16.206869] kasan_save_alloc_info+0x3b/0x50 [ 16.207096] __kasan_kmalloc+0xb7/0xc0 [ 16.207243] __kmalloc_cache_noprof+0x189/0x420 [ 16.207427] kasan_atomics+0x95/0x310 [ 16.207641] kunit_try_run_case+0x1a5/0x480 [ 16.207886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.208146] kthread+0x337/0x6f0 [ 16.208298] ret_from_fork+0x116/0x1d0 [ 16.208500] ret_from_fork_asm+0x1a/0x30 [ 16.208710] [ 16.208807] The buggy address belongs to the object at ffff888102744f80 [ 16.208807] which belongs to the cache kmalloc-64 of size 64 [ 16.209340] The buggy address is located 0 bytes to the right of [ 16.209340] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.209837] [ 16.209919] The buggy address belongs to the physical page: [ 16.210407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.210848] flags: 0x200000000000000(node=0|zone=2) [ 16.211128] page_type: f5(slab) [ 16.211299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.211623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.211975] page dumped because: kasan: bad access detected [ 16.212157] [ 16.212227] Memory state around the buggy address: [ 16.212457] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.212812] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.213145] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.213448] ^ [ 16.213632] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.214147] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.214468] ================================================================== [ 15.022356] ================================================================== [ 15.022598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 15.022826] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.023144] [ 15.023253] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.023295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.023307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.023329] Call Trace: [ 15.023342] <TASK> [ 15.023357] dump_stack_lvl+0x73/0xb0 [ 15.023384] print_report+0xd1/0x610 [ 15.023420] ? __virt_addr_valid+0x1db/0x2d0 [ 15.023442] ? kasan_atomics_helper+0x72f/0x5450 [ 15.023463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.023486] ? kasan_atomics_helper+0x72f/0x5450 [ 15.023508] kasan_report+0x141/0x180 [ 15.023531] ? kasan_atomics_helper+0x72f/0x5450 [ 15.023557] kasan_check_range+0x10c/0x1c0 [ 15.023581] __kasan_check_write+0x18/0x20 [ 15.023600] kasan_atomics_helper+0x72f/0x5450 [ 15.023623] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.023645] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.023668] ? trace_hardirqs_on+0x37/0xe0 [ 15.023698] ? 
kasan_atomics+0x152/0x310 [ 15.023725] kasan_atomics+0x1dc/0x310 [ 15.023747] ? __pfx_kasan_atomics+0x10/0x10 [ 15.023769] ? __pfx_kasan_atomics+0x10/0x10 [ 15.023797] kunit_try_run_case+0x1a5/0x480 [ 15.023820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.023842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.023867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.023890] ? __kthread_parkme+0x82/0x180 [ 15.023921] ? preempt_count_sub+0x50/0x80 [ 15.023943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.023967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.023990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.024014] kthread+0x337/0x6f0 [ 15.024033] ? trace_preempt_on+0x20/0xc0 [ 15.024055] ? __pfx_kthread+0x10/0x10 [ 15.024075] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.024097] ? calculate_sigpending+0x7b/0xa0 [ 15.024121] ? __pfx_kthread+0x10/0x10 [ 15.024142] ret_from_fork+0x116/0x1d0 [ 15.024161] ? __pfx_kthread+0x10/0x10 [ 15.024181] ret_from_fork_asm+0x1a/0x30 [ 15.024212] </TASK> [ 15.024222] [ 15.036154] Allocated by task 283: [ 15.036302] kasan_save_stack+0x45/0x70 [ 15.037165] kasan_save_track+0x18/0x40 [ 15.038023] kasan_save_alloc_info+0x3b/0x50 [ 15.038238] __kasan_kmalloc+0xb7/0xc0 [ 15.038735] __kmalloc_cache_noprof+0x189/0x420 [ 15.039356] kasan_atomics+0x95/0x310 [ 15.039794] kunit_try_run_case+0x1a5/0x480 [ 15.040581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.041213] kthread+0x337/0x6f0 [ 15.041680] ret_from_fork+0x116/0x1d0 [ 15.041829] ret_from_fork_asm+0x1a/0x30 [ 15.042401] [ 15.042751] The buggy address belongs to the object at ffff888102744f80 [ 15.042751] which belongs to the cache kmalloc-64 of size 64 [ 15.044074] The buggy address is located 0 bytes to the right of [ 15.044074] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.044726] [ 15.045001] The buggy address belongs to the physical page: [ 15.045776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.046772] flags: 
0x200000000000000(node=0|zone=2) [ 15.047512] page_type: f5(slab) [ 15.048124] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.048373] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.049193] page dumped because: kasan: bad access detected [ 15.049844] [ 15.050052] Memory state around the buggy address: [ 15.050700] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.051264] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.051817] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.052216] ^ [ 15.052401] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.053157] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.053655] ================================================================== [ 15.953039] ================================================================== [ 15.953756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 15.954133] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.954476] [ 15.954584] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.954627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.954639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.954660] Call Trace: [ 15.954697] <TASK> [ 15.954712] dump_stack_lvl+0x73/0xb0 [ 15.954739] print_report+0xd1/0x610 [ 15.954762] ? __virt_addr_valid+0x1db/0x2d0 [ 15.954784] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.954805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.954826] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.954848] kasan_report+0x141/0x180 [ 15.954870] ? kasan_atomics_helper+0x1d7a/0x5450 [ 15.954896] kasan_check_range+0x10c/0x1c0 [ 15.954928] __kasan_check_write+0x18/0x20 [ 15.954948] kasan_atomics_helper+0x1d7a/0x5450 [ 15.954970] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.954992] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.955016] ? trace_hardirqs_on+0x37/0xe0 [ 15.955037] ? kasan_atomics+0x152/0x310 [ 15.955070] kasan_atomics+0x1dc/0x310 [ 15.955092] ? __pfx_kasan_atomics+0x10/0x10 [ 15.955115] ? __pfx_kasan_atomics+0x10/0x10 [ 15.955141] kunit_try_run_case+0x1a5/0x480 [ 15.955166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.955189] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.955211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.955234] ? __kthread_parkme+0x82/0x180 [ 15.955254] ? preempt_count_sub+0x50/0x80 [ 15.955277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.955301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.955324] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.955348] kthread+0x337/0x6f0 [ 15.955367] ? trace_preempt_on+0x20/0xc0 [ 15.955388] ? __pfx_kthread+0x10/0x10 [ 15.955409] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.955430] ? calculate_sigpending+0x7b/0xa0 [ 15.955453] ? __pfx_kthread+0x10/0x10 [ 15.955474] ret_from_fork+0x116/0x1d0 [ 15.955492] ? 
__pfx_kthread+0x10/0x10 [ 15.955512] ret_from_fork_asm+0x1a/0x30 [ 15.955543] </TASK> [ 15.955553] [ 15.962731] Allocated by task 283: [ 15.962915] kasan_save_stack+0x45/0x70 [ 15.963114] kasan_save_track+0x18/0x40 [ 15.963305] kasan_save_alloc_info+0x3b/0x50 [ 15.963513] __kasan_kmalloc+0xb7/0xc0 [ 15.963725] __kmalloc_cache_noprof+0x189/0x420 [ 15.963956] kasan_atomics+0x95/0x310 [ 15.964133] kunit_try_run_case+0x1a5/0x480 [ 15.964280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.964456] kthread+0x337/0x6f0 [ 15.964603] ret_from_fork+0x116/0x1d0 [ 15.964821] ret_from_fork_asm+0x1a/0x30 [ 15.965037] [ 15.965134] The buggy address belongs to the object at ffff888102744f80 [ 15.965134] which belongs to the cache kmalloc-64 of size 64 [ 15.965633] The buggy address is located 0 bytes to the right of [ 15.965633] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.966047] [ 15.966120] The buggy address belongs to the physical page: [ 15.966293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.966535] flags: 0x200000000000000(node=0|zone=2) [ 15.966771] page_type: f5(slab) [ 15.966945] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.967293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.967625] page dumped because: kasan: bad access detected [ 15.967900] [ 15.968002] Memory state around the buggy address: [ 15.968223] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968460] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.968694] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.968987] ^ [ 15.969211] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.969526] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969869] ================================================================== [ 15.490634] 
================================================================== [ 15.491357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.491655] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.491976] [ 15.492072] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.492115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.492128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.492149] Call Trace: [ 15.492163] <TASK> [ 15.492178] dump_stack_lvl+0x73/0xb0 [ 15.492205] print_report+0xd1/0x610 [ 15.492227] ? __virt_addr_valid+0x1db/0x2d0 [ 15.492250] ? kasan_atomics_helper+0x1217/0x5450 [ 15.492270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.492292] ? kasan_atomics_helper+0x1217/0x5450 [ 15.492314] kasan_report+0x141/0x180 [ 15.492337] ? kasan_atomics_helper+0x1217/0x5450 [ 15.492364] kasan_check_range+0x10c/0x1c0 [ 15.492387] __kasan_check_write+0x18/0x20 [ 15.492406] kasan_atomics_helper+0x1217/0x5450 [ 15.492429] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.492450] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.492475] ? trace_hardirqs_on+0x37/0xe0 [ 15.492498] ? kasan_atomics+0x152/0x310 [ 15.492524] kasan_atomics+0x1dc/0x310 [ 15.492548] ? __pfx_kasan_atomics+0x10/0x10 [ 15.492570] ? __pfx_kasan_atomics+0x10/0x10 [ 15.492597] kunit_try_run_case+0x1a5/0x480 [ 15.492621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.492644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.492668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.492702] ? __kthread_parkme+0x82/0x180 [ 15.492723] ? preempt_count_sub+0x50/0x80 [ 15.492746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.492771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.492794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.492817] kthread+0x337/0x6f0 [ 15.492837] ? trace_preempt_on+0x20/0xc0 [ 15.492858] ? __pfx_kthread+0x10/0x10 [ 15.492880] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.492900] ? 
calculate_sigpending+0x7b/0xa0 [ 15.492954] ? __pfx_kthread+0x10/0x10 [ 15.492976] ret_from_fork+0x116/0x1d0 [ 15.492995] ? __pfx_kthread+0x10/0x10 [ 15.493015] ret_from_fork_asm+0x1a/0x30 [ 15.493045] </TASK> [ 15.493057] [ 15.500634] Allocated by task 283: [ 15.500814] kasan_save_stack+0x45/0x70 [ 15.500975] kasan_save_track+0x18/0x40 [ 15.501169] kasan_save_alloc_info+0x3b/0x50 [ 15.501380] __kasan_kmalloc+0xb7/0xc0 [ 15.501550] __kmalloc_cache_noprof+0x189/0x420 [ 15.501765] kasan_atomics+0x95/0x310 [ 15.501900] kunit_try_run_case+0x1a5/0x480 [ 15.502058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.502236] kthread+0x337/0x6f0 [ 15.502357] ret_from_fork+0x116/0x1d0 [ 15.502488] ret_from_fork_asm+0x1a/0x30 [ 15.502630] [ 15.502700] The buggy address belongs to the object at ffff888102744f80 [ 15.502700] which belongs to the cache kmalloc-64 of size 64 [ 15.503135] The buggy address is located 0 bytes to the right of [ 15.503135] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.504155] [ 15.504252] The buggy address belongs to the physical page: [ 15.504479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.504719] flags: 0x200000000000000(node=0|zone=2) [ 15.504882] page_type: f5(slab) [ 15.505010] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.505241] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.505467] page dumped because: kasan: bad access detected [ 15.505981] [ 15.506076] Memory state around the buggy address: [ 15.506303] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.506625] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.507303] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.507628] ^ [ 15.508095] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.508423] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.508791] 
================================================================== [ 15.650014] ================================================================== [ 15.650662] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.651146] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.651672] [ 15.651782] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.651825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.651837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.651981] Call Trace: [ 15.651996] <TASK> [ 15.652013] dump_stack_lvl+0x73/0xb0 [ 15.652042] print_report+0xd1/0x610 [ 15.652065] ? __virt_addr_valid+0x1db/0x2d0 [ 15.652086] ? kasan_atomics_helper+0x151d/0x5450 [ 15.652108] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.652130] ? kasan_atomics_helper+0x151d/0x5450 [ 15.652152] kasan_report+0x141/0x180 [ 15.652174] ? kasan_atomics_helper+0x151d/0x5450 [ 15.652200] kasan_check_range+0x10c/0x1c0 [ 15.652224] __kasan_check_write+0x18/0x20 [ 15.652243] kasan_atomics_helper+0x151d/0x5450 [ 15.652266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.652289] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.652313] ? trace_hardirqs_on+0x37/0xe0 [ 15.652335] ? kasan_atomics+0x152/0x310 [ 15.652362] kasan_atomics+0x1dc/0x310 [ 15.652384] ? __pfx_kasan_atomics+0x10/0x10 [ 15.652408] ? __pfx_kasan_atomics+0x10/0x10 [ 15.652435] kunit_try_run_case+0x1a5/0x480 [ 15.652459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.652481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.652505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.652529] ? __kthread_parkme+0x82/0x180 [ 15.652548] ? preempt_count_sub+0x50/0x80 [ 15.652571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.652595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.652618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.652641] kthread+0x337/0x6f0 [ 15.652661] ? trace_preempt_on+0x20/0xc0 [ 15.652849] ? 
__pfx_kthread+0x10/0x10 [ 15.652871] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.652892] ? calculate_sigpending+0x7b/0xa0 [ 15.652927] ? __pfx_kthread+0x10/0x10 [ 15.652948] ret_from_fork+0x116/0x1d0 [ 15.652967] ? __pfx_kthread+0x10/0x10 [ 15.652987] ret_from_fork_asm+0x1a/0x30 [ 15.653018] </TASK> [ 15.653029] [ 15.662669] Allocated by task 283: [ 15.662990] kasan_save_stack+0x45/0x70 [ 15.663340] kasan_save_track+0x18/0x40 [ 15.663524] kasan_save_alloc_info+0x3b/0x50 [ 15.663941] __kasan_kmalloc+0xb7/0xc0 [ 15.664128] __kmalloc_cache_noprof+0x189/0x420 [ 15.664406] kasan_atomics+0x95/0x310 [ 15.664567] kunit_try_run_case+0x1a5/0x480 [ 15.664794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.665253] kthread+0x337/0x6f0 [ 15.665572] ret_from_fork+0x116/0x1d0 [ 15.665758] ret_from_fork_asm+0x1a/0x30 [ 15.665980] [ 15.666078] The buggy address belongs to the object at ffff888102744f80 [ 15.666078] which belongs to the cache kmalloc-64 of size 64 [ 15.666564] The buggy address is located 0 bytes to the right of [ 15.666564] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.667412] [ 15.667503] The buggy address belongs to the physical page: [ 15.667877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.668317] flags: 0x200000000000000(node=0|zone=2) [ 15.668498] page_type: f5(slab) [ 15.668793] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.669184] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.669494] page dumped because: kasan: bad access detected [ 15.669722] [ 15.669818] Memory state around the buggy address: [ 15.670020] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.670290] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.670603] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.670853] ^ [ 15.671106] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.671474] 
ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.671770] ================================================================== [ 14.804810] ================================================================== [ 14.805057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.805445] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.805771] [ 14.805880] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.805930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.805941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.805961] Call Trace: [ 14.805973] <TASK> [ 14.805986] dump_stack_lvl+0x73/0xb0 [ 14.806011] print_report+0xd1/0x610 [ 14.806031] ? __virt_addr_valid+0x1db/0x2d0 [ 14.806052] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.806072] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.806093] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.806114] kasan_report+0x141/0x180 [ 14.806136] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.806163] __asan_report_load4_noabort+0x18/0x20 [ 14.806186] kasan_atomics_helper+0x4b88/0x5450 [ 14.806207] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.806228] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.806251] ? trace_hardirqs_on+0x37/0xe0 [ 14.806271] ? kasan_atomics+0x152/0x310 [ 14.806297] kasan_atomics+0x1dc/0x310 [ 14.806318] ? __pfx_kasan_atomics+0x10/0x10 [ 14.806340] ? __pfx_kasan_atomics+0x10/0x10 [ 14.806365] kunit_try_run_case+0x1a5/0x480 [ 14.806389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.806511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.806535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.806576] ? __kthread_parkme+0x82/0x180 [ 14.806597] ? preempt_count_sub+0x50/0x80 [ 14.806621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.806644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.806667] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.806691] kthread+0x337/0x6f0 [ 14.806710] ? 
trace_preempt_on+0x20/0xc0 [ 14.806732] ? __pfx_kthread+0x10/0x10 [ 14.806753] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.806774] ? calculate_sigpending+0x7b/0xa0 [ 14.806797] ? __pfx_kthread+0x10/0x10 [ 14.806819] ret_from_fork+0x116/0x1d0 [ 14.806837] ? __pfx_kthread+0x10/0x10 [ 14.806857] ret_from_fork_asm+0x1a/0x30 [ 14.806888] </TASK> [ 14.806899] [ 14.815227] Allocated by task 283: [ 14.815415] kasan_save_stack+0x45/0x70 [ 14.815635] kasan_save_track+0x18/0x40 [ 14.816037] kasan_save_alloc_info+0x3b/0x50 [ 14.816207] __kasan_kmalloc+0xb7/0xc0 [ 14.816361] __kmalloc_cache_noprof+0x189/0x420 [ 14.816619] kasan_atomics+0x95/0x310 [ 14.817027] kunit_try_run_case+0x1a5/0x480 [ 14.817195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.817372] kthread+0x337/0x6f0 [ 14.817494] ret_from_fork+0x116/0x1d0 [ 14.817628] ret_from_fork_asm+0x1a/0x30 [ 14.817768] [ 14.817842] The buggy address belongs to the object at ffff888102744f80 [ 14.817842] which belongs to the cache kmalloc-64 of size 64 [ 14.818211] The buggy address is located 0 bytes to the right of [ 14.818211] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.818622] [ 14.818722] The buggy address belongs to the physical page: [ 14.818986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 14.819342] flags: 0x200000000000000(node=0|zone=2) [ 14.819572] page_type: f5(slab) [ 14.819736] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.820099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.820432] page dumped because: kasan: bad access detected [ 14.820846] [ 14.820970] Memory state around the buggy address: [ 14.821143] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.821426] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.821867] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.822193] ^ [ 14.822459] ffff888102745000: fa fb fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb [ 14.822771] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.823067] ================================================================== [ 15.829791] ================================================================== [ 15.830135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.831006] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.831351] [ 15.831460] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.831502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.831515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.831535] Call Trace: [ 15.831551] <TASK> [ 15.831565] dump_stack_lvl+0x73/0xb0 [ 15.831594] print_report+0xd1/0x610 [ 15.831617] ? __virt_addr_valid+0x1db/0x2d0 [ 15.831638] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.831740] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.831762] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.831784] kasan_report+0x141/0x180 [ 15.831806] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.831832] kasan_check_range+0x10c/0x1c0 [ 15.831856] __kasan_check_write+0x18/0x20 [ 15.831875] kasan_atomics_helper+0x19e3/0x5450 [ 15.831898] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.831931] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.831955] ? trace_hardirqs_on+0x37/0xe0 [ 15.831977] ? kasan_atomics+0x152/0x310 [ 15.832003] kasan_atomics+0x1dc/0x310 [ 15.832027] ? __pfx_kasan_atomics+0x10/0x10 [ 15.832050] ? __pfx_kasan_atomics+0x10/0x10 [ 15.832076] kunit_try_run_case+0x1a5/0x480 [ 15.832100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.832123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.832146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.832169] ? __kthread_parkme+0x82/0x180 [ 15.832189] ? preempt_count_sub+0x50/0x80 [ 15.832212] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.832236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.832259] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.832283] kthread+0x337/0x6f0 [ 15.832303] ? trace_preempt_on+0x20/0xc0 [ 15.832325] ? __pfx_kthread+0x10/0x10 [ 15.832346] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.832368] ? calculate_sigpending+0x7b/0xa0 [ 15.832390] ? __pfx_kthread+0x10/0x10 [ 15.832412] ret_from_fork+0x116/0x1d0 [ 15.832431] ? __pfx_kthread+0x10/0x10 [ 15.832452] ret_from_fork_asm+0x1a/0x30 [ 15.832483] </TASK> [ 15.832494] [ 15.839796] Allocated by task 283: [ 15.839986] kasan_save_stack+0x45/0x70 [ 15.840162] kasan_save_track+0x18/0x40 [ 15.840314] kasan_save_alloc_info+0x3b/0x50 [ 15.840529] __kasan_kmalloc+0xb7/0xc0 [ 15.840740] __kmalloc_cache_noprof+0x189/0x420 [ 15.840942] kasan_atomics+0x95/0x310 [ 15.841138] kunit_try_run_case+0x1a5/0x480 [ 15.841313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.841489] kthread+0x337/0x6f0 [ 15.841617] ret_from_fork+0x116/0x1d0 [ 15.841829] ret_from_fork_asm+0x1a/0x30 [ 15.842034] [ 15.842129] The buggy address belongs to the object at ffff888102744f80 [ 15.842129] which belongs to the cache kmalloc-64 of size 64 [ 15.842657] The buggy address is located 0 bytes to the right of [ 15.842657] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.843112] [ 15.843206] The buggy address belongs to the physical page: [ 15.843455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.843719] flags: 0x200000000000000(node=0|zone=2) [ 15.843881] page_type: f5(slab) [ 15.844010] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.844240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.844572] page dumped because: kasan: bad access detected [ 15.844850] [ 15.844958] Memory state around the buggy address: [ 15.845180] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.845496] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.845795] >ffff888102744f80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 15.846018] ^ [ 15.846171] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.846394] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.846737] ================================================================== [ 14.937893] ================================================================== [ 14.938313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.938997] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.939573] [ 14.939801] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.939860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.940013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.940037] Call Trace: [ 14.940051] <TASK> [ 14.940078] dump_stack_lvl+0x73/0xb0 [ 14.940112] print_report+0xd1/0x610 [ 14.940165] ? __virt_addr_valid+0x1db/0x2d0 [ 14.940188] ? kasan_atomics_helper+0x565/0x5450 [ 14.940210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.940233] ? kasan_atomics_helper+0x565/0x5450 [ 14.940255] kasan_report+0x141/0x180 [ 14.940277] ? kasan_atomics_helper+0x565/0x5450 [ 14.940304] kasan_check_range+0x10c/0x1c0 [ 14.940327] __kasan_check_write+0x18/0x20 [ 14.940347] kasan_atomics_helper+0x565/0x5450 [ 14.940370] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.940392] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.940416] ? trace_hardirqs_on+0x37/0xe0 [ 14.940439] ? kasan_atomics+0x152/0x310 [ 14.940466] kasan_atomics+0x1dc/0x310 [ 14.940489] ? __pfx_kasan_atomics+0x10/0x10 [ 14.940512] ? __pfx_kasan_atomics+0x10/0x10 [ 14.940538] kunit_try_run_case+0x1a5/0x480 [ 14.940561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.940585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.940608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.940631] ? __kthread_parkme+0x82/0x180 [ 14.940651] ? preempt_count_sub+0x50/0x80 [ 14.940674] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.940699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.940722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.940745] kthread+0x337/0x6f0 [ 14.940764] ? trace_preempt_on+0x20/0xc0 [ 14.940786] ? __pfx_kthread+0x10/0x10 [ 14.940807] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.940828] ? calculate_sigpending+0x7b/0xa0 [ 14.940851] ? __pfx_kthread+0x10/0x10 [ 14.940873] ret_from_fork+0x116/0x1d0 [ 14.940891] ? __pfx_kthread+0x10/0x10 [ 14.940922] ret_from_fork_asm+0x1a/0x30 [ 14.940952] </TASK> [ 14.940963] [ 14.954308] Allocated by task 283: [ 14.954958] kasan_save_stack+0x45/0x70 [ 14.955259] kasan_save_track+0x18/0x40 [ 14.955656] kasan_save_alloc_info+0x3b/0x50 [ 14.955860] __kasan_kmalloc+0xb7/0xc0 [ 14.956042] __kmalloc_cache_noprof+0x189/0x420 [ 14.956231] kasan_atomics+0x95/0x310 [ 14.956754] kunit_try_run_case+0x1a5/0x480 [ 14.957063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.957483] kthread+0x337/0x6f0 [ 14.957915] ret_from_fork+0x116/0x1d0 [ 14.958177] ret_from_fork_asm+0x1a/0x30 [ 14.958598] [ 14.958845] The buggy address belongs to the object at ffff888102744f80 [ 14.958845] which belongs to the cache kmalloc-64 of size 64 [ 14.959354] The buggy address is located 0 bytes to the right of [ 14.959354] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.960313] [ 14.960604] The buggy address belongs to the physical page: [ 14.961089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 14.961915] flags: 0x200000000000000(node=0|zone=2) [ 14.962325] page_type: f5(slab) [ 14.962636] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.963154] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.963401] page dumped because: kasan: bad access detected [ 14.963591] [ 14.963666] Memory state around the buggy address: [ 14.963827] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.965014] 
ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.965247] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.965948] ^ [ 14.966463] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.967028] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.967254] ================================================================== [ 15.970486] ================================================================== [ 15.970826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 15.971147] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.971477] [ 15.971573] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.971615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.971627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.971649] Call Trace: [ 15.971681] <TASK> [ 15.971695] dump_stack_lvl+0x73/0xb0 [ 15.971723] print_report+0xd1/0x610 [ 15.971745] ? __virt_addr_valid+0x1db/0x2d0 [ 15.971768] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.971790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.971813] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.971835] kasan_report+0x141/0x180 [ 15.971857] ? kasan_atomics_helper+0x1e12/0x5450 [ 15.971883] kasan_check_range+0x10c/0x1c0 [ 15.971915] __kasan_check_write+0x18/0x20 [ 15.971934] kasan_atomics_helper+0x1e12/0x5450 [ 15.971956] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.971979] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.972002] ? trace_hardirqs_on+0x37/0xe0 [ 15.972023] ? kasan_atomics+0x152/0x310 [ 15.972050] kasan_atomics+0x1dc/0x310 [ 15.972072] ? __pfx_kasan_atomics+0x10/0x10 [ 15.972096] ? __pfx_kasan_atomics+0x10/0x10 [ 15.972122] kunit_try_run_case+0x1a5/0x480 [ 15.972146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972168] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.972193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.972217] ? 
__kthread_parkme+0x82/0x180 [ 15.972237] ? preempt_count_sub+0x50/0x80 [ 15.972259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.972283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.972306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.972330] kthread+0x337/0x6f0 [ 15.972349] ? trace_preempt_on+0x20/0xc0 [ 15.972371] ? __pfx_kthread+0x10/0x10 [ 15.972391] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.972413] ? calculate_sigpending+0x7b/0xa0 [ 15.972435] ? __pfx_kthread+0x10/0x10 [ 15.972457] ret_from_fork+0x116/0x1d0 [ 15.972475] ? __pfx_kthread+0x10/0x10 [ 15.972495] ret_from_fork_asm+0x1a/0x30 [ 15.972526] </TASK> [ 15.972537] [ 15.979764] Allocated by task 283: [ 15.979953] kasan_save_stack+0x45/0x70 [ 15.980153] kasan_save_track+0x18/0x40 [ 15.980348] kasan_save_alloc_info+0x3b/0x50 [ 15.980541] __kasan_kmalloc+0xb7/0xc0 [ 15.980717] __kmalloc_cache_noprof+0x189/0x420 [ 15.980952] kasan_atomics+0x95/0x310 [ 15.981114] kunit_try_run_case+0x1a5/0x480 [ 15.981319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.981537] kthread+0x337/0x6f0 [ 15.981708] ret_from_fork+0x116/0x1d0 [ 15.981881] ret_from_fork_asm+0x1a/0x30 [ 15.982071] [ 15.982169] The buggy address belongs to the object at ffff888102744f80 [ 15.982169] which belongs to the cache kmalloc-64 of size 64 [ 15.982647] The buggy address is located 0 bytes to the right of [ 15.982647] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.983160] [ 15.983232] The buggy address belongs to the physical page: [ 15.983404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.983643] flags: 0x200000000000000(node=0|zone=2) [ 15.983824] page_type: f5(slab) [ 15.985767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.986109] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.986464] page dumped because: kasan: bad access detected [ 15.986846] [ 15.987319] Memory state around the buggy address: [ 15.987521] 
ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.987819] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.988283] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.988714] ^ [ 15.989028] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.989420] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.989828] ================================================================== [ 15.864473] ================================================================== [ 15.864855] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.865161] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.865443] [ 15.865535] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.865582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.865594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.865615] Call Trace: [ 15.865629] <TASK> [ 15.865644] dump_stack_lvl+0x73/0xb0 [ 15.865693] print_report+0xd1/0x610 [ 15.865717] ? __virt_addr_valid+0x1db/0x2d0 [ 15.865739] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.865761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.865783] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.865804] kasan_report+0x141/0x180 [ 15.865827] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.865854] kasan_check_range+0x10c/0x1c0 [ 15.865877] __kasan_check_write+0x18/0x20 [ 15.865896] kasan_atomics_helper+0x1b22/0x5450 [ 15.865927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.865948] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.865972] ? trace_hardirqs_on+0x37/0xe0 [ 15.865993] ? kasan_atomics+0x152/0x310 [ 15.866020] kasan_atomics+0x1dc/0x310 [ 15.866043] ? __pfx_kasan_atomics+0x10/0x10 [ 15.866065] ? __pfx_kasan_atomics+0x10/0x10 [ 15.866092] kunit_try_run_case+0x1a5/0x480 [ 15.866116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.866137] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.866161] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.866184] ? __kthread_parkme+0x82/0x180 [ 15.866205] ? preempt_count_sub+0x50/0x80 [ 15.866228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.866252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.866275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.866299] kthread+0x337/0x6f0 [ 15.866318] ? trace_preempt_on+0x20/0xc0 [ 15.866339] ? __pfx_kthread+0x10/0x10 [ 15.866361] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.866382] ? calculate_sigpending+0x7b/0xa0 [ 15.866405] ? __pfx_kthread+0x10/0x10 [ 15.866426] ret_from_fork+0x116/0x1d0 [ 15.866445] ? __pfx_kthread+0x10/0x10 [ 15.866466] ret_from_fork_asm+0x1a/0x30 [ 15.866496] </TASK> [ 15.866506] [ 15.873919] Allocated by task 283: [ 15.874097] kasan_save_stack+0x45/0x70 [ 15.874276] kasan_save_track+0x18/0x40 [ 15.874451] kasan_save_alloc_info+0x3b/0x50 [ 15.874635] __kasan_kmalloc+0xb7/0xc0 [ 15.874850] __kmalloc_cache_noprof+0x189/0x420 [ 15.875035] kasan_atomics+0x95/0x310 [ 15.875224] kunit_try_run_case+0x1a5/0x480 [ 15.875370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.875547] kthread+0x337/0x6f0 [ 15.875686] ret_from_fork+0x116/0x1d0 [ 15.875820] ret_from_fork_asm+0x1a/0x30 [ 15.875969] [ 15.876041] The buggy address belongs to the object at ffff888102744f80 [ 15.876041] which belongs to the cache kmalloc-64 of size 64 [ 15.876392] The buggy address is located 0 bytes to the right of [ 15.876392] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.876896] [ 15.877012] The buggy address belongs to the physical page: [ 15.877260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.877609] flags: 0x200000000000000(node=0|zone=2) [ 15.877860] page_type: f5(slab) [ 15.878046] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.878391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.878748] page dumped because: kasan: 
bad access detected [ 15.879009] [ 15.879109] Memory state around the buggy address: [ 15.879332] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.879649] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.879961] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.880202] ^ [ 15.880358] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.880573] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.880814] ================================================================== [ 15.407881] ================================================================== [ 15.408547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.409197] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.409571] [ 15.409711] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.409779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.409803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.409825] Call Trace: [ 15.409836] <TASK> [ 15.409850] dump_stack_lvl+0x73/0xb0 [ 15.409878] print_report+0xd1/0x610 [ 15.409900] ? __virt_addr_valid+0x1db/0x2d0 [ 15.409933] ? kasan_atomics_helper+0x1079/0x5450 [ 15.409969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.409991] ? kasan_atomics_helper+0x1079/0x5450 [ 15.410014] kasan_report+0x141/0x180 [ 15.410036] ? kasan_atomics_helper+0x1079/0x5450 [ 15.410062] kasan_check_range+0x10c/0x1c0 [ 15.410086] __kasan_check_write+0x18/0x20 [ 15.410105] kasan_atomics_helper+0x1079/0x5450 [ 15.410127] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.410149] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.410174] ? trace_hardirqs_on+0x37/0xe0 [ 15.410195] ? kasan_atomics+0x152/0x310 [ 15.410221] kasan_atomics+0x1dc/0x310 [ 15.410244] ? __pfx_kasan_atomics+0x10/0x10 [ 15.410267] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.410293] kunit_try_run_case+0x1a5/0x480 [ 15.410317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.410340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.410364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.410387] ? __kthread_parkme+0x82/0x180 [ 15.410407] ? preempt_count_sub+0x50/0x80 [ 15.410431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.410455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.410478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.410502] kthread+0x337/0x6f0 [ 15.410521] ? trace_preempt_on+0x20/0xc0 [ 15.410543] ? __pfx_kthread+0x10/0x10 [ 15.410564] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.410585] ? calculate_sigpending+0x7b/0xa0 [ 15.410608] ? __pfx_kthread+0x10/0x10 [ 15.410629] ret_from_fork+0x116/0x1d0 [ 15.410648] ? __pfx_kthread+0x10/0x10 [ 15.410668] ret_from_fork_asm+0x1a/0x30 [ 15.410709] </TASK> [ 15.410720] [ 15.418614] Allocated by task 283: [ 15.418918] kasan_save_stack+0x45/0x70 [ 15.419071] kasan_save_track+0x18/0x40 [ 15.419206] kasan_save_alloc_info+0x3b/0x50 [ 15.419356] __kasan_kmalloc+0xb7/0xc0 [ 15.419545] __kmalloc_cache_noprof+0x189/0x420 [ 15.419857] kasan_atomics+0x95/0x310 [ 15.420071] kunit_try_run_case+0x1a5/0x480 [ 15.420296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.420563] kthread+0x337/0x6f0 [ 15.420796] ret_from_fork+0x116/0x1d0 [ 15.420968] ret_from_fork_asm+0x1a/0x30 [ 15.421180] [ 15.421290] The buggy address belongs to the object at ffff888102744f80 [ 15.421290] which belongs to the cache kmalloc-64 of size 64 [ 15.421806] The buggy address is located 0 bytes to the right of [ 15.421806] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.422353] [ 15.422445] The buggy address belongs to the physical page: [ 15.422687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.423062] flags: 0x200000000000000(node=0|zone=2) [ 15.423288] page_type: f5(slab) [ 15.423452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.423712] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.423939] page dumped because: kasan: bad access detected [ 15.424104] [ 15.424184] Memory state around the buggy address: [ 15.424375] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.424670] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.425999] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.426307] ^ [ 15.426464] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.426870] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.427256] ================================================================== [ 15.180548] ================================================================== [ 15.181038] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.181668] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.182031] [ 15.182145] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.182187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.182199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.182220] Call Trace: [ 15.182234] <TASK> [ 15.182248] dump_stack_lvl+0x73/0xb0 [ 15.182276] print_report+0xd1/0x610 [ 15.182297] ? __virt_addr_valid+0x1db/0x2d0 [ 15.182319] ? kasan_atomics_helper+0xac7/0x5450 [ 15.182341] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.183305] ? kasan_atomics_helper+0xac7/0x5450 [ 15.183330] kasan_report+0x141/0x180 [ 15.183548] ? kasan_atomics_helper+0xac7/0x5450 [ 15.183580] kasan_check_range+0x10c/0x1c0 [ 15.183605] __kasan_check_write+0x18/0x20 [ 15.183625] kasan_atomics_helper+0xac7/0x5450 [ 15.183647] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.183669] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.183706] ? trace_hardirqs_on+0x37/0xe0 [ 15.183728] ? 
kasan_atomics+0x152/0x310 [ 15.183754] kasan_atomics+0x1dc/0x310 [ 15.183777] ? __pfx_kasan_atomics+0x10/0x10 [ 15.183800] ? __pfx_kasan_atomics+0x10/0x10 [ 15.183827] kunit_try_run_case+0x1a5/0x480 [ 15.183851] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.183873] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.183896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.183932] ? __kthread_parkme+0x82/0x180 [ 15.183952] ? preempt_count_sub+0x50/0x80 [ 15.183976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.183999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.184022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.184045] kthread+0x337/0x6f0 [ 15.184065] ? trace_preempt_on+0x20/0xc0 [ 15.184087] ? __pfx_kthread+0x10/0x10 [ 15.184108] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.184129] ? calculate_sigpending+0x7b/0xa0 [ 15.184152] ? __pfx_kthread+0x10/0x10 [ 15.184173] ret_from_fork+0x116/0x1d0 [ 15.184194] ? __pfx_kthread+0x10/0x10 [ 15.184214] ret_from_fork_asm+0x1a/0x30 [ 15.184245] </TASK> [ 15.184255] [ 15.192806] Allocated by task 283: [ 15.193010] kasan_save_stack+0x45/0x70 [ 15.193188] kasan_save_track+0x18/0x40 [ 15.193443] kasan_save_alloc_info+0x3b/0x50 [ 15.193607] __kasan_kmalloc+0xb7/0xc0 [ 15.193891] __kmalloc_cache_noprof+0x189/0x420 [ 15.194125] kasan_atomics+0x95/0x310 [ 15.194280] kunit_try_run_case+0x1a5/0x480 [ 15.194658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.194920] kthread+0x337/0x6f0 [ 15.195045] ret_from_fork+0x116/0x1d0 [ 15.195182] ret_from_fork_asm+0x1a/0x30 [ 15.195322] [ 15.195444] The buggy address belongs to the object at ffff888102744f80 [ 15.195444] which belongs to the cache kmalloc-64 of size 64 [ 15.196024] The buggy address is located 0 bytes to the right of [ 15.196024] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.196824] [ 15.196927] The buggy address belongs to the physical page: [ 15.197141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.197426] flags: 
0x200000000000000(node=0|zone=2) [ 15.197708] page_type: f5(slab) [ 15.197879] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.198199] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.198496] page dumped because: kasan: bad access detected [ 15.198714] [ 15.198790] Memory state around the buggy address: [ 15.198961] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.199187] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.199405] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.199619] ^ [ 15.199834] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.200407] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.200787] ================================================================== [ 15.140958] ================================================================== [ 15.141749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.142211] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.142718] [ 15.143092] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.143245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.143261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.143286] Call Trace: [ 15.143303] <TASK> [ 15.143320] dump_stack_lvl+0x73/0xb0 [ 15.143370] print_report+0xd1/0x610 [ 15.143395] ? __virt_addr_valid+0x1db/0x2d0 [ 15.143418] ? kasan_atomics_helper+0x992/0x5450 [ 15.143439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.143461] ? kasan_atomics_helper+0x992/0x5450 [ 15.143482] kasan_report+0x141/0x180 [ 15.143504] ? kasan_atomics_helper+0x992/0x5450 [ 15.143532] kasan_check_range+0x10c/0x1c0 [ 15.143555] __kasan_check_write+0x18/0x20 [ 15.143575] kasan_atomics_helper+0x992/0x5450 [ 15.143597] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.143619] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.143642] ? trace_hardirqs_on+0x37/0xe0 [ 15.143664] ? kasan_atomics+0x152/0x310 [ 15.143691] kasan_atomics+0x1dc/0x310 [ 15.143714] ? __pfx_kasan_atomics+0x10/0x10 [ 15.143737] ? __pfx_kasan_atomics+0x10/0x10 [ 15.143764] kunit_try_run_case+0x1a5/0x480 [ 15.143788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143810] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.143834] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.143858] ? __kthread_parkme+0x82/0x180 [ 15.143878] ? preempt_count_sub+0x50/0x80 [ 15.143902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.143937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.143961] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.143985] kthread+0x337/0x6f0 [ 15.144005] ? trace_preempt_on+0x20/0xc0 [ 15.144026] ? __pfx_kthread+0x10/0x10 [ 15.144047] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.144068] ? calculate_sigpending+0x7b/0xa0 [ 15.144092] ? __pfx_kthread+0x10/0x10 [ 15.144113] ret_from_fork+0x116/0x1d0 [ 15.144132] ? 
__pfx_kthread+0x10/0x10 [ 15.144153] ret_from_fork_asm+0x1a/0x30 [ 15.144183] </TASK> [ 15.144194] [ 15.152440] Allocated by task 283: [ 15.152629] kasan_save_stack+0x45/0x70 [ 15.152875] kasan_save_track+0x18/0x40 [ 15.153024] kasan_save_alloc_info+0x3b/0x50 [ 15.153174] __kasan_kmalloc+0xb7/0xc0 [ 15.153307] __kmalloc_cache_noprof+0x189/0x420 [ 15.153463] kasan_atomics+0x95/0x310 [ 15.153597] kunit_try_run_case+0x1a5/0x480 [ 15.153882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.154424] kthread+0x337/0x6f0 [ 15.154641] ret_from_fork+0x116/0x1d0 [ 15.155026] ret_from_fork_asm+0x1a/0x30 [ 15.155230] [ 15.155330] The buggy address belongs to the object at ffff888102744f80 [ 15.155330] which belongs to the cache kmalloc-64 of size 64 [ 15.155924] The buggy address is located 0 bytes to the right of [ 15.155924] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.156492] [ 15.156565] The buggy address belongs to the physical page: [ 15.156943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.157199] flags: 0x200000000000000(node=0|zone=2) [ 15.157536] page_type: f5(slab) [ 15.157718] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.158023] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.158304] page dumped because: kasan: bad access detected [ 15.158752] [ 15.158856] Memory state around the buggy address: [ 15.159103] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.159393] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.159715] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.159950] ^ [ 15.160107] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.160323] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.160636] ================================================================== [ 15.690553] 
================================================================== [ 15.691574] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.691841] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.692171] [ 15.692287] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.692331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.692345] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.692367] Call Trace: [ 15.692382] <TASK> [ 15.692397] dump_stack_lvl+0x73/0xb0 [ 15.692426] print_report+0xd1/0x610 [ 15.692449] ? __virt_addr_valid+0x1db/0x2d0 [ 15.692471] ? kasan_atomics_helper+0x164f/0x5450 [ 15.692541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.692565] ? kasan_atomics_helper+0x164f/0x5450 [ 15.692587] kasan_report+0x141/0x180 [ 15.692623] ? kasan_atomics_helper+0x164f/0x5450 [ 15.692650] kasan_check_range+0x10c/0x1c0 [ 15.692674] __kasan_check_write+0x18/0x20 [ 15.692693] kasan_atomics_helper+0x164f/0x5450 [ 15.692716] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.692738] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.692761] ? trace_hardirqs_on+0x37/0xe0 [ 15.692783] ? kasan_atomics+0x152/0x310 [ 15.692810] kasan_atomics+0x1dc/0x310 [ 15.692832] ? __pfx_kasan_atomics+0x10/0x10 [ 15.692889] ? __pfx_kasan_atomics+0x10/0x10 [ 15.692976] kunit_try_run_case+0x1a5/0x480 [ 15.693001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.693036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.693059] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.693083] ? __kthread_parkme+0x82/0x180 [ 15.693103] ? preempt_count_sub+0x50/0x80 [ 15.693126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.693150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.693173] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.693197] kthread+0x337/0x6f0 [ 15.693217] ? trace_preempt_on+0x20/0xc0 [ 15.693238] ? __pfx_kthread+0x10/0x10 [ 15.693259] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.693281] ? 
calculate_sigpending+0x7b/0xa0 [ 15.693304] ? __pfx_kthread+0x10/0x10 [ 15.693325] ret_from_fork+0x116/0x1d0 [ 15.693344] ? __pfx_kthread+0x10/0x10 [ 15.693365] ret_from_fork_asm+0x1a/0x30 [ 15.693395] </TASK> [ 15.693405] [ 15.705071] Allocated by task 283: [ 15.705267] kasan_save_stack+0x45/0x70 [ 15.705416] kasan_save_track+0x18/0x40 [ 15.705554] kasan_save_alloc_info+0x3b/0x50 [ 15.705764] __kasan_kmalloc+0xb7/0xc0 [ 15.705974] __kmalloc_cache_noprof+0x189/0x420 [ 15.706339] kasan_atomics+0x95/0x310 [ 15.706530] kunit_try_run_case+0x1a5/0x480 [ 15.706763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.707002] kthread+0x337/0x6f0 [ 15.707142] ret_from_fork+0x116/0x1d0 [ 15.707277] ret_from_fork_asm+0x1a/0x30 [ 15.707476] [ 15.707571] The buggy address belongs to the object at ffff888102744f80 [ 15.707571] which belongs to the cache kmalloc-64 of size 64 [ 15.708218] The buggy address is located 0 bytes to the right of [ 15.708218] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.708690] [ 15.708802] The buggy address belongs to the physical page: [ 15.709058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.709376] flags: 0x200000000000000(node=0|zone=2) [ 15.709540] page_type: f5(slab) [ 15.709667] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.709995] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.710368] page dumped because: kasan: bad access detected [ 15.710600] [ 15.710727] Memory state around the buggy address: [ 15.710913] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.711225] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.711454] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.711784] ^ [ 15.712062] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.712531] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.712841] 
================================================================== [ 15.345986] ================================================================== [ 15.346322] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.346945] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.347243] [ 15.347342] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.347479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.347491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.347512] Call Trace: [ 15.347527] <TASK> [ 15.347540] dump_stack_lvl+0x73/0xb0 [ 15.347568] print_report+0xd1/0x610 [ 15.347589] ? __virt_addr_valid+0x1db/0x2d0 [ 15.347612] ? kasan_atomics_helper+0xf10/0x5450 [ 15.347633] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.347656] ? kasan_atomics_helper+0xf10/0x5450 [ 15.347677] kasan_report+0x141/0x180 [ 15.347709] ? kasan_atomics_helper+0xf10/0x5450 [ 15.347735] kasan_check_range+0x10c/0x1c0 [ 15.347759] __kasan_check_write+0x18/0x20 [ 15.347778] kasan_atomics_helper+0xf10/0x5450 [ 15.347800] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.347822] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.347845] ? trace_hardirqs_on+0x37/0xe0 [ 15.347868] ? kasan_atomics+0x152/0x310 [ 15.347895] kasan_atomics+0x1dc/0x310 [ 15.347928] ? __pfx_kasan_atomics+0x10/0x10 [ 15.347951] ? __pfx_kasan_atomics+0x10/0x10 [ 15.347978] kunit_try_run_case+0x1a5/0x480 [ 15.348002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.348025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.348048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.348071] ? __kthread_parkme+0x82/0x180 [ 15.348091] ? preempt_count_sub+0x50/0x80 [ 15.348114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.348139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.348162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.348186] kthread+0x337/0x6f0 [ 15.348206] ? trace_preempt_on+0x20/0xc0 [ 15.348228] ? 
__pfx_kthread+0x10/0x10 [ 15.348248] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.348269] ? calculate_sigpending+0x7b/0xa0 [ 15.348292] ? __pfx_kthread+0x10/0x10 [ 15.348314] ret_from_fork+0x116/0x1d0 [ 15.348333] ? __pfx_kthread+0x10/0x10 [ 15.348424] ret_from_fork_asm+0x1a/0x30 [ 15.348459] </TASK> [ 15.348469] [ 15.356591] Allocated by task 283: [ 15.356799] kasan_save_stack+0x45/0x70 [ 15.356993] kasan_save_track+0x18/0x40 [ 15.357166] kasan_save_alloc_info+0x3b/0x50 [ 15.357348] __kasan_kmalloc+0xb7/0xc0 [ 15.357519] __kmalloc_cache_noprof+0x189/0x420 [ 15.357674] kasan_atomics+0x95/0x310 [ 15.357807] kunit_try_run_case+0x1a5/0x480 [ 15.357983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.358239] kthread+0x337/0x6f0 [ 15.358404] ret_from_fork+0x116/0x1d0 [ 15.358588] ret_from_fork_asm+0x1a/0x30 [ 15.358787] [ 15.359131] The buggy address belongs to the object at ffff888102744f80 [ 15.359131] which belongs to the cache kmalloc-64 of size 64 [ 15.359750] The buggy address is located 0 bytes to the right of [ 15.359750] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.360245] [ 15.360343] The buggy address belongs to the physical page: [ 15.360557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.360890] flags: 0x200000000000000(node=0|zone=2) [ 15.361098] page_type: f5(slab) [ 15.361218] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.361449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.361675] page dumped because: kasan: bad access detected [ 15.361938] [ 15.362033] Memory state around the buggy address: [ 15.362272] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.362598] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.363307] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.363735] ^ [ 15.363980] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.364199] 
ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.364403] ================================================================== [ 15.629403] ================================================================== [ 15.629812] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.630170] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.630503] [ 15.630615] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.630658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.630670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.630691] Call Trace: [ 15.630708] <TASK> [ 15.630722] dump_stack_lvl+0x73/0xb0 [ 15.630749] print_report+0xd1/0x610 [ 15.630771] ? __virt_addr_valid+0x1db/0x2d0 [ 15.630794] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.630815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.630838] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.630861] kasan_report+0x141/0x180 [ 15.630883] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.630921] __asan_report_store8_noabort+0x1b/0x30 [ 15.630946] kasan_atomics_helper+0x50d4/0x5450 [ 15.630969] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.630991] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.631015] ? trace_hardirqs_on+0x37/0xe0 [ 15.631035] ? kasan_atomics+0x152/0x310 [ 15.631065] kasan_atomics+0x1dc/0x310 [ 15.631088] ? __pfx_kasan_atomics+0x10/0x10 [ 15.631111] ? __pfx_kasan_atomics+0x10/0x10 [ 15.631138] kunit_try_run_case+0x1a5/0x480 [ 15.631162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.631185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.631207] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.631230] ? __kthread_parkme+0x82/0x180 [ 15.631251] ? preempt_count_sub+0x50/0x80 [ 15.631274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.631298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.631321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.631344] kthread+0x337/0x6f0 [ 15.631364] ? 
trace_preempt_on+0x20/0xc0 [ 15.631386] ? __pfx_kthread+0x10/0x10 [ 15.631406] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.631427] ? calculate_sigpending+0x7b/0xa0 [ 15.631450] ? __pfx_kthread+0x10/0x10 [ 15.631472] ret_from_fork+0x116/0x1d0 [ 15.631490] ? __pfx_kthread+0x10/0x10 [ 15.631511] ret_from_fork_asm+0x1a/0x30 [ 15.631541] </TASK> [ 15.631552] [ 15.638582] Allocated by task 283: [ 15.638725] kasan_save_stack+0x45/0x70 [ 15.638937] kasan_save_track+0x18/0x40 [ 15.639136] kasan_save_alloc_info+0x3b/0x50 [ 15.639384] __kasan_kmalloc+0xb7/0xc0 [ 15.639576] __kmalloc_cache_noprof+0x189/0x420 [ 15.639856] kasan_atomics+0x95/0x310 [ 15.640033] kunit_try_run_case+0x1a5/0x480 [ 15.640180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.640367] kthread+0x337/0x6f0 [ 15.640541] ret_from_fork+0x116/0x1d0 [ 15.640754] ret_from_fork_asm+0x1a/0x30 [ 15.641117] [ 15.641216] The buggy address belongs to the object at ffff888102744f80 [ 15.641216] which belongs to the cache kmalloc-64 of size 64 [ 15.642088] The buggy address is located 0 bytes to the right of [ 15.642088] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.642726] [ 15.642840] The buggy address belongs to the physical page: [ 15.643091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.643340] flags: 0x200000000000000(node=0|zone=2) [ 15.643503] page_type: f5(slab) [ 15.643625] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.645588] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.646149] page dumped because: kasan: bad access detected [ 15.646479] [ 15.646583] Memory state around the buggy address: [ 15.647009] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.647372] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.647792] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.648121] ^ [ 15.648315] ffff888102745000: fa fb fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb [ 15.648618] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.649254] ================================================================== [ 15.990955] ================================================================== [ 15.991290] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 15.991935] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.992496] [ 15.992617] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.992702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.992792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.992815] Call Trace: [ 15.992832] <TASK> [ 15.992848] dump_stack_lvl+0x73/0xb0 [ 15.992879] print_report+0xd1/0x610 [ 15.992901] ? __virt_addr_valid+0x1db/0x2d0 [ 15.992935] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.992957] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.992980] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.993002] kasan_report+0x141/0x180 [ 15.993025] ? kasan_atomics_helper+0x1eaa/0x5450 [ 15.993055] kasan_check_range+0x10c/0x1c0 [ 15.993079] __kasan_check_write+0x18/0x20 [ 15.993099] kasan_atomics_helper+0x1eaa/0x5450 [ 15.993121] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.993143] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.993168] ? trace_hardirqs_on+0x37/0xe0 [ 15.993189] ? kasan_atomics+0x152/0x310 [ 15.993217] kasan_atomics+0x1dc/0x310 [ 15.993240] ? __pfx_kasan_atomics+0x10/0x10 [ 15.993263] ? __pfx_kasan_atomics+0x10/0x10 [ 15.993289] kunit_try_run_case+0x1a5/0x480 [ 15.993314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993337] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.993362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.993385] ? __kthread_parkme+0x82/0x180 [ 15.993405] ? preempt_count_sub+0x50/0x80 [ 15.993429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.993453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.993476] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.993499] kthread+0x337/0x6f0 [ 15.993519] ? trace_preempt_on+0x20/0xc0 [ 15.993540] ? __pfx_kthread+0x10/0x10 [ 15.993561] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.993582] ? calculate_sigpending+0x7b/0xa0 [ 15.993606] ? __pfx_kthread+0x10/0x10 [ 15.993627] ret_from_fork+0x116/0x1d0 [ 15.993645] ? __pfx_kthread+0x10/0x10 [ 15.993692] ret_from_fork_asm+0x1a/0x30 [ 15.993724] </TASK> [ 15.993735] [ 16.004255] Allocated by task 283: [ 16.004508] kasan_save_stack+0x45/0x70 [ 16.004973] kasan_save_track+0x18/0x40 [ 16.005182] kasan_save_alloc_info+0x3b/0x50 [ 16.005385] __kasan_kmalloc+0xb7/0xc0 [ 16.005576] __kmalloc_cache_noprof+0x189/0x420 [ 16.006067] kasan_atomics+0x95/0x310 [ 16.006362] kunit_try_run_case+0x1a5/0x480 [ 16.006605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.007024] kthread+0x337/0x6f0 [ 16.007220] ret_from_fork+0x116/0x1d0 [ 16.007515] ret_from_fork_asm+0x1a/0x30 [ 16.007767] [ 16.007872] The buggy address belongs to the object at ffff888102744f80 [ 16.007872] which belongs to the cache kmalloc-64 of size 64 [ 16.008685] The buggy address is located 0 bytes to the right of [ 16.008685] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.009313] [ 16.009417] The buggy address belongs to the physical page: [ 16.009834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.010293] flags: 0x200000000000000(node=0|zone=2) [ 16.010530] page_type: f5(slab) [ 16.010864] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.011310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.011747] page dumped because: kasan: bad access detected [ 16.011977] [ 16.012079] Memory state around the buggy address: [ 16.012558] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.012881] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.013300] >ffff888102744f80: 00 00 00 00 00 00 fc fc 
fc fc fc fc fc fc fc fc [ 16.013639] ^ [ 16.014031] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.014340] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.014791] ================================================================== [ 14.757134] ================================================================== [ 14.758016] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.758344] Read of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.759118] [ 14.759421] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.759481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.759494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.759515] Call Trace: [ 14.759527] <TASK> [ 14.759544] dump_stack_lvl+0x73/0xb0 [ 14.759574] print_report+0xd1/0x610 [ 14.759595] ? __virt_addr_valid+0x1db/0x2d0 [ 14.759618] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.759638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.759659] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.759766] kasan_report+0x141/0x180 [ 14.759790] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.759816] __asan_report_load4_noabort+0x18/0x20 [ 14.759839] kasan_atomics_helper+0x4bbc/0x5450 [ 14.759860] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.759882] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.759918] ? trace_hardirqs_on+0x37/0xe0 [ 14.759940] ? kasan_atomics+0x152/0x310 [ 14.759966] kasan_atomics+0x1dc/0x310 [ 14.759988] ? __pfx_kasan_atomics+0x10/0x10 [ 14.760012] ? __pfx_kasan_atomics+0x10/0x10 [ 14.760038] kunit_try_run_case+0x1a5/0x480 [ 14.760062] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.760083] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.760105] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.760128] ? __kthread_parkme+0x82/0x180 [ 14.760147] ? preempt_count_sub+0x50/0x80 [ 14.760170] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.760192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.760214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.760237] kthread+0x337/0x6f0 [ 14.760256] ? trace_preempt_on+0x20/0xc0 [ 14.760276] ? __pfx_kthread+0x10/0x10 [ 14.760296] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.760316] ? calculate_sigpending+0x7b/0xa0 [ 14.760339] ? __pfx_kthread+0x10/0x10 [ 14.760377] ret_from_fork+0x116/0x1d0 [ 14.760395] ? __pfx_kthread+0x10/0x10 [ 14.760415] ret_from_fork_asm+0x1a/0x30 [ 14.760445] </TASK> [ 14.760455] [ 14.773063] Allocated by task 283: [ 14.773246] kasan_save_stack+0x45/0x70 [ 14.773880] kasan_save_track+0x18/0x40 [ 14.774094] kasan_save_alloc_info+0x3b/0x50 [ 14.774441] __kasan_kmalloc+0xb7/0xc0 [ 14.774804] __kmalloc_cache_noprof+0x189/0x420 [ 14.775163] kasan_atomics+0x95/0x310 [ 14.775383] kunit_try_run_case+0x1a5/0x480 [ 14.775850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.776200] kthread+0x337/0x6f0 [ 14.776801] ret_from_fork+0x116/0x1d0 [ 14.777012] ret_from_fork_asm+0x1a/0x30 [ 14.777282] [ 14.777363] The buggy address belongs to the object at ffff888102744f80 [ 14.777363] which belongs to the cache kmalloc-64 of size 64 [ 14.778277] The buggy address is located 0 bytes to the right of [ 14.778277] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.779177] [ 14.779466] The buggy address belongs to the physical page: [ 14.779714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 14.780082] flags: 0x200000000000000(node=0|zone=2) [ 14.780298] page_type: f5(slab) [ 14.780503] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.781416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.781933] page dumped because: kasan: bad access detected [ 14.782291] [ 14.782478] Memory state around the buggy address: [ 14.782903] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.783341] 
ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.783833] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.784263] ^ [ 14.784874] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.785226] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.785639] ================================================================== [ 15.364727] ================================================================== [ 15.365006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.365373] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.365971] [ 15.366085] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.366128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.366140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.366164] Call Trace: [ 15.366320] <TASK> [ 15.366348] dump_stack_lvl+0x73/0xb0 [ 15.366378] print_report+0xd1/0x610 [ 15.366400] ? __virt_addr_valid+0x1db/0x2d0 [ 15.366421] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.366442] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.366465] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.366486] kasan_report+0x141/0x180 [ 15.366510] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.366538] kasan_check_range+0x10c/0x1c0 [ 15.366563] __kasan_check_write+0x18/0x20 [ 15.366583] kasan_atomics_helper+0xfa9/0x5450 [ 15.366606] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.366629] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.366652] ? trace_hardirqs_on+0x37/0xe0 [ 15.366675] ? kasan_atomics+0x152/0x310 [ 15.366722] kasan_atomics+0x1dc/0x310 [ 15.366745] ? __pfx_kasan_atomics+0x10/0x10 [ 15.366769] ? __pfx_kasan_atomics+0x10/0x10 [ 15.366797] kunit_try_run_case+0x1a5/0x480 [ 15.366821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.366843] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.366867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.366890] ? 
__kthread_parkme+0x82/0x180 [ 15.366921] ? preempt_count_sub+0x50/0x80 [ 15.366944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.366968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.366991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.367015] kthread+0x337/0x6f0 [ 15.367034] ? trace_preempt_on+0x20/0xc0 [ 15.367063] ? __pfx_kthread+0x10/0x10 [ 15.367084] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.367105] ? calculate_sigpending+0x7b/0xa0 [ 15.367128] ? __pfx_kthread+0x10/0x10 [ 15.367150] ret_from_fork+0x116/0x1d0 [ 15.367168] ? __pfx_kthread+0x10/0x10 [ 15.367189] ret_from_fork_asm+0x1a/0x30 [ 15.367220] </TASK> [ 15.367230] [ 15.376619] Allocated by task 283: [ 15.376799] kasan_save_stack+0x45/0x70 [ 15.377007] kasan_save_track+0x18/0x40 [ 15.377205] kasan_save_alloc_info+0x3b/0x50 [ 15.377384] __kasan_kmalloc+0xb7/0xc0 [ 15.377665] __kmalloc_cache_noprof+0x189/0x420 [ 15.377879] kasan_atomics+0x95/0x310 [ 15.378160] kunit_try_run_case+0x1a5/0x480 [ 15.378338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.378563] kthread+0x337/0x6f0 [ 15.378748] ret_from_fork+0x116/0x1d0 [ 15.378957] ret_from_fork_asm+0x1a/0x30 [ 15.379154] [ 15.379251] The buggy address belongs to the object at ffff888102744f80 [ 15.379251] which belongs to the cache kmalloc-64 of size 64 [ 15.379851] The buggy address is located 0 bytes to the right of [ 15.379851] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.380691] [ 15.380802] The buggy address belongs to the physical page: [ 15.381183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.381585] flags: 0x200000000000000(node=0|zone=2) [ 15.381994] page_type: f5(slab) [ 15.382132] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.382580] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.382949] page dumped because: kasan: bad access detected [ 15.383223] [ 15.383335] Memory state around the buggy address: [ 15.383575] 
ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.383925] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.384247] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.384558] ^ [ 15.384780] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.385105] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.385415] ================================================================== [ 16.157712] ================================================================== [ 16.158069] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.158474] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 16.158980] [ 16.159079] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 16.159121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.159134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.159154] Call Trace: [ 16.159169] <TASK> [ 16.159184] dump_stack_lvl+0x73/0xb0 [ 16.159212] print_report+0xd1/0x610 [ 16.159234] ? __virt_addr_valid+0x1db/0x2d0 [ 16.159256] ? kasan_atomics_helper+0x218a/0x5450 [ 16.159304] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.159327] ? kasan_atomics_helper+0x218a/0x5450 [ 16.159349] kasan_report+0x141/0x180 [ 16.159371] ? kasan_atomics_helper+0x218a/0x5450 [ 16.159414] kasan_check_range+0x10c/0x1c0 [ 16.159438] __kasan_check_write+0x18/0x20 [ 16.159458] kasan_atomics_helper+0x218a/0x5450 [ 16.159482] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.159504] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.159528] ? trace_hardirqs_on+0x37/0xe0 [ 16.159550] ? kasan_atomics+0x152/0x310 [ 16.159576] kasan_atomics+0x1dc/0x310 [ 16.159600] ? __pfx_kasan_atomics+0x10/0x10 [ 16.159623] ? __pfx_kasan_atomics+0x10/0x10 [ 16.159650] kunit_try_run_case+0x1a5/0x480 [ 16.159674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.159709] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.159733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.159757] ? __kthread_parkme+0x82/0x180 [ 16.159796] ? preempt_count_sub+0x50/0x80 [ 16.159821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.159845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.159868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.159892] kthread+0x337/0x6f0 [ 16.159923] ? trace_preempt_on+0x20/0xc0 [ 16.159945] ? __pfx_kthread+0x10/0x10 [ 16.159966] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.160006] ? calculate_sigpending+0x7b/0xa0 [ 16.160030] ? __pfx_kthread+0x10/0x10 [ 16.160052] ret_from_fork+0x116/0x1d0 [ 16.160071] ? __pfx_kthread+0x10/0x10 [ 16.160091] ret_from_fork_asm+0x1a/0x30 [ 16.160123] </TASK> [ 16.160133] [ 16.167863] Allocated by task 283: [ 16.168051] kasan_save_stack+0x45/0x70 [ 16.168249] kasan_save_track+0x18/0x40 [ 16.168520] kasan_save_alloc_info+0x3b/0x50 [ 16.168799] __kasan_kmalloc+0xb7/0xc0 [ 16.168971] __kmalloc_cache_noprof+0x189/0x420 [ 16.169121] kasan_atomics+0x95/0x310 [ 16.169251] kunit_try_run_case+0x1a5/0x480 [ 16.169458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.169720] kthread+0x337/0x6f0 [ 16.169924] ret_from_fork+0x116/0x1d0 [ 16.170142] ret_from_fork_asm+0x1a/0x30 [ 16.170351] [ 16.170444] The buggy address belongs to the object at ffff888102744f80 [ 16.170444] which belongs to the cache kmalloc-64 of size 64 [ 16.170895] The buggy address is located 0 bytes to the right of [ 16.170895] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 16.171399] [ 16.171484] The buggy address belongs to the physical page: [ 16.171734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 16.172101] flags: 0x200000000000000(node=0|zone=2) [ 16.172370] page_type: f5(slab) [ 16.172556] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.172939] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.173271] page dumped because: kasan: 
bad access detected [ 16.173529] [ 16.173723] Memory state around the buggy address: [ 16.173957] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.174273] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.174589] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.174899] ^ [ 16.175131] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.175405] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.175620] ================================================================== [ 15.933453] ================================================================== [ 15.934117] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 15.934789] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.935373] [ 15.935462] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.935505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.935517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.935539] Call Trace: [ 15.935552] <TASK> [ 15.935567] dump_stack_lvl+0x73/0xb0 [ 15.935595] print_report+0xd1/0x610 [ 15.935616] ? __virt_addr_valid+0x1db/0x2d0 [ 15.935639] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.935659] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.935709] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.935731] kasan_report+0x141/0x180 [ 15.935753] ? kasan_atomics_helper+0x1ce1/0x5450 [ 15.935780] kasan_check_range+0x10c/0x1c0 [ 15.935804] __kasan_check_write+0x18/0x20 [ 15.935823] kasan_atomics_helper+0x1ce1/0x5450 [ 15.935845] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.935867] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.935891] ? trace_hardirqs_on+0x37/0xe0 [ 15.935923] ? kasan_atomics+0x152/0x310 [ 15.935952] kasan_atomics+0x1dc/0x310 [ 15.935976] ? __pfx_kasan_atomics+0x10/0x10 [ 15.935998] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.936025] kunit_try_run_case+0x1a5/0x480 [ 15.936049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.936072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.936095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.936118] ? __kthread_parkme+0x82/0x180 [ 15.936137] ? preempt_count_sub+0x50/0x80 [ 15.936161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.936184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.936207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.936230] kthread+0x337/0x6f0 [ 15.936250] ? trace_preempt_on+0x20/0xc0 [ 15.936271] ? __pfx_kthread+0x10/0x10 [ 15.936291] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.936312] ? calculate_sigpending+0x7b/0xa0 [ 15.936336] ? __pfx_kthread+0x10/0x10 [ 15.936357] ret_from_fork+0x116/0x1d0 [ 15.936376] ? __pfx_kthread+0x10/0x10 [ 15.936396] ret_from_fork_asm+0x1a/0x30 [ 15.936427] </TASK> [ 15.936437] [ 15.945285] Allocated by task 283: [ 15.945463] kasan_save_stack+0x45/0x70 [ 15.945682] kasan_save_track+0x18/0x40 [ 15.945876] kasan_save_alloc_info+0x3b/0x50 [ 15.946048] __kasan_kmalloc+0xb7/0xc0 [ 15.946233] __kmalloc_cache_noprof+0x189/0x420 [ 15.946416] kasan_atomics+0x95/0x310 [ 15.946599] kunit_try_run_case+0x1a5/0x480 [ 15.946772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.947001] kthread+0x337/0x6f0 [ 15.947175] ret_from_fork+0x116/0x1d0 [ 15.947361] ret_from_fork_asm+0x1a/0x30 [ 15.947561] [ 15.947655] The buggy address belongs to the object at ffff888102744f80 [ 15.947655] which belongs to the cache kmalloc-64 of size 64 [ 15.948150] The buggy address is located 0 bytes to the right of [ 15.948150] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.948644] [ 15.948755] The buggy address belongs to the physical page: [ 15.948986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.949300] flags: 0x200000000000000(node=0|zone=2) [ 15.949499] page_type: f5(slab) [ 15.949660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.949968] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.950275] page dumped because: kasan: bad access detected [ 15.950516] [ 15.950595] Memory state around the buggy address: [ 15.950789] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.951086] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.951394] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.951656] ^ [ 15.951829] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.952054] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.952266] ================================================================== [ 15.003211] ================================================================== [ 15.003530] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 15.003994] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.004253] [ 15.004364] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.004407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.004419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.004440] Call Trace: [ 15.004456] <TASK> [ 15.004471] dump_stack_lvl+0x73/0xb0 [ 15.004499] print_report+0xd1/0x610 [ 15.004522] ? __virt_addr_valid+0x1db/0x2d0 [ 15.004544] ? kasan_atomics_helper+0x697/0x5450 [ 15.004565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.004587] ? kasan_atomics_helper+0x697/0x5450 [ 15.004609] kasan_report+0x141/0x180 [ 15.004631] ? kasan_atomics_helper+0x697/0x5450 [ 15.004657] kasan_check_range+0x10c/0x1c0 [ 15.004681] __kasan_check_write+0x18/0x20 [ 15.004700] kasan_atomics_helper+0x697/0x5450 [ 15.004723] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.004745] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.004769] ? trace_hardirqs_on+0x37/0xe0 [ 15.004791] ? 
kasan_atomics+0x152/0x310 [ 15.004817] kasan_atomics+0x1dc/0x310 [ 15.004840] ? __pfx_kasan_atomics+0x10/0x10 [ 15.004863] ? __pfx_kasan_atomics+0x10/0x10 [ 15.004889] kunit_try_run_case+0x1a5/0x480 [ 15.004929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.004952] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.004974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.004998] ? __kthread_parkme+0x82/0x180 [ 15.005018] ? preempt_count_sub+0x50/0x80 [ 15.005042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.005066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.005088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.005111] kthread+0x337/0x6f0 [ 15.005132] ? trace_preempt_on+0x20/0xc0 [ 15.005153] ? __pfx_kthread+0x10/0x10 [ 15.005173] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.005195] ? calculate_sigpending+0x7b/0xa0 [ 15.005218] ? __pfx_kthread+0x10/0x10 [ 15.005239] ret_from_fork+0x116/0x1d0 [ 15.005257] ? __pfx_kthread+0x10/0x10 [ 15.005278] ret_from_fork_asm+0x1a/0x30 [ 15.005308] </TASK> [ 15.005319] [ 15.013429] Allocated by task 283: [ 15.013561] kasan_save_stack+0x45/0x70 [ 15.013773] kasan_save_track+0x18/0x40 [ 15.013985] kasan_save_alloc_info+0x3b/0x50 [ 15.014197] __kasan_kmalloc+0xb7/0xc0 [ 15.014383] __kmalloc_cache_noprof+0x189/0x420 [ 15.014756] kasan_atomics+0x95/0x310 [ 15.014954] kunit_try_run_case+0x1a5/0x480 [ 15.015118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.015295] kthread+0x337/0x6f0 [ 15.015416] ret_from_fork+0x116/0x1d0 [ 15.015549] ret_from_fork_asm+0x1a/0x30 [ 15.015689] [ 15.015788] The buggy address belongs to the object at ffff888102744f80 [ 15.015788] which belongs to the cache kmalloc-64 of size 64 [ 15.016325] The buggy address is located 0 bytes to the right of [ 15.016325] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.017322] [ 15.017425] The buggy address belongs to the physical page: [ 15.017717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.018006] flags: 
0x200000000000000(node=0|zone=2) [ 15.018171] page_type: f5(slab) [ 15.018290] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.018784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.019387] page dumped because: kasan: bad access detected [ 15.019568] [ 15.019638] Memory state around the buggy address: [ 15.019795] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.020337] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.020670] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.021044] ^ [ 15.021239] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.021537] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.021858] ================================================================== [ 14.786154] ================================================================== [ 14.786626] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.786987] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.787219] [ 14.787487] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.787533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.787544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.787564] Call Trace: [ 14.787579] <TASK> [ 14.787592] dump_stack_lvl+0x73/0xb0 [ 14.787619] print_report+0xd1/0x610 [ 14.787641] ? __virt_addr_valid+0x1db/0x2d0 [ 14.787661] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.787696] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.787717] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.787737] kasan_report+0x141/0x180 [ 14.787759] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.787784] __asan_report_store4_noabort+0x1b/0x30 [ 14.787807] kasan_atomics_helper+0x4ba2/0x5450 [ 14.787828] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.787849] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.787871] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.787892] ? kasan_atomics+0x152/0x310 [ 14.787929] kasan_atomics+0x1dc/0x310 [ 14.787951] ? __pfx_kasan_atomics+0x10/0x10 [ 14.787973] ? __pfx_kasan_atomics+0x10/0x10 [ 14.787999] kunit_try_run_case+0x1a5/0x480 [ 14.788021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.788042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.788064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.788086] ? __kthread_parkme+0x82/0x180 [ 14.788105] ? preempt_count_sub+0x50/0x80 [ 14.788127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.788150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.788172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.788195] kthread+0x337/0x6f0 [ 14.788213] ? trace_preempt_on+0x20/0xc0 [ 14.788234] ? __pfx_kthread+0x10/0x10 [ 14.788253] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.788274] ? calculate_sigpending+0x7b/0xa0 [ 14.788296] ? __pfx_kthread+0x10/0x10 [ 14.788315] ret_from_fork+0x116/0x1d0 [ 14.788333] ? __pfx_kthread+0x10/0x10 [ 14.788418] ret_from_fork_asm+0x1a/0x30 [ 14.788451] </TASK> [ 14.788460] [ 14.796088] Allocated by task 283: [ 14.796233] kasan_save_stack+0x45/0x70 [ 14.796435] kasan_save_track+0x18/0x40 [ 14.796615] kasan_save_alloc_info+0x3b/0x50 [ 14.796854] __kasan_kmalloc+0xb7/0xc0 [ 14.796998] __kmalloc_cache_noprof+0x189/0x420 [ 14.797153] kasan_atomics+0x95/0x310 [ 14.797286] kunit_try_run_case+0x1a5/0x480 [ 14.797430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.797663] kthread+0x337/0x6f0 [ 14.797829] ret_from_fork+0x116/0x1d0 [ 14.798025] ret_from_fork_asm+0x1a/0x30 [ 14.798221] [ 14.798313] The buggy address belongs to the object at ffff888102744f80 [ 14.798313] which belongs to the cache kmalloc-64 of size 64 [ 14.799132] The buggy address is located 0 bytes to the right of [ 14.799132] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.799708] [ 14.799807] The buggy address belongs to the physical page: [ 14.800011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102744 [ 14.800317] flags: 0x200000000000000(node=0|zone=2) [ 14.800607] page_type: f5(slab) [ 14.800880] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.801208] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.801606] page dumped because: kasan: bad access detected [ 14.801883] [ 14.801996] Memory state around the buggy address: [ 14.802207] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.802461] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.802676] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.802888] ^ [ 14.803546] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.803988] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.804273] ================================================================== [ 15.672386] ================================================================== [ 15.672754] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.673037] Write of size 8 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 15.673384] [ 15.673489] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.673530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.673543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.673563] Call Trace: [ 15.673576] <TASK> [ 15.673591] dump_stack_lvl+0x73/0xb0 [ 15.673620] print_report+0xd1/0x610 [ 15.673642] ? __virt_addr_valid+0x1db/0x2d0 [ 15.673664] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.673686] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.673708] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.673730] kasan_report+0x141/0x180 [ 15.673753] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.673780] kasan_check_range+0x10c/0x1c0 [ 15.673804] __kasan_check_write+0x18/0x20 [ 15.673823] kasan_atomics_helper+0x15b6/0x5450 [ 15.673845] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.673867] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.673891] ? trace_hardirqs_on+0x37/0xe0 [ 15.673923] ? kasan_atomics+0x152/0x310 [ 15.673951] kasan_atomics+0x1dc/0x310 [ 15.673973] ? __pfx_kasan_atomics+0x10/0x10 [ 15.673997] ? __pfx_kasan_atomics+0x10/0x10 [ 15.674023] kunit_try_run_case+0x1a5/0x480 [ 15.674047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.674070] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.674094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.674117] ? __kthread_parkme+0x82/0x180 [ 15.674137] ? preempt_count_sub+0x50/0x80 [ 15.674161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.674185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.674208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.674232] kthread+0x337/0x6f0 [ 15.674252] ? trace_preempt_on+0x20/0xc0 [ 15.674274] ? __pfx_kthread+0x10/0x10 [ 15.674294] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.674316] ? calculate_sigpending+0x7b/0xa0 [ 15.674340] ? __pfx_kthread+0x10/0x10 [ 15.674361] ret_from_fork+0x116/0x1d0 [ 15.674380] ? 
__pfx_kthread+0x10/0x10 [ 15.674400] ret_from_fork_asm+0x1a/0x30 [ 15.674431] </TASK> [ 15.674442] [ 15.681755] Allocated by task 283: [ 15.681900] kasan_save_stack+0x45/0x70 [ 15.682081] kasan_save_track+0x18/0x40 [ 15.682224] kasan_save_alloc_info+0x3b/0x50 [ 15.682375] __kasan_kmalloc+0xb7/0xc0 [ 15.682527] __kmalloc_cache_noprof+0x189/0x420 [ 15.682744] kasan_atomics+0x95/0x310 [ 15.683079] kunit_try_run_case+0x1a5/0x480 [ 15.683287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.683539] kthread+0x337/0x6f0 [ 15.683712] ret_from_fork+0x116/0x1d0 [ 15.683847] ret_from_fork_asm+0x1a/0x30 [ 15.683997] [ 15.684069] The buggy address belongs to the object at ffff888102744f80 [ 15.684069] which belongs to the cache kmalloc-64 of size 64 [ 15.684478] The buggy address is located 0 bytes to the right of [ 15.684478] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 15.685019] [ 15.685113] The buggy address belongs to the physical page: [ 15.685369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 15.685664] flags: 0x200000000000000(node=0|zone=2) [ 15.685898] page_type: f5(slab) [ 15.686078] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.686382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.686608] page dumped because: kasan: bad access detected [ 15.686840] [ 15.686942] Memory state around the buggy address: [ 15.687170] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.687498] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.687826] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.688131] ^ [ 15.688328] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.688621] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.689919] ================================================================== [ 14.823559] 
================================================================== [ 14.823879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.824194] Write of size 4 at addr ffff888102744fb0 by task kunit_try_catch/283 [ 14.824642] [ 14.824797] CPU: 1 UID: 0 PID: 283 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.824840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.824853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.824873] Call Trace: [ 14.824887] <TASK> [ 14.824902] dump_stack_lvl+0x73/0xb0 [ 14.824944] print_report+0xd1/0x610 [ 14.824967] ? __virt_addr_valid+0x1db/0x2d0 [ 14.824988] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.825009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.825032] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.825053] kasan_report+0x141/0x180 [ 14.825075] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.825103] __asan_report_store4_noabort+0x1b/0x30 [ 14.825127] kasan_atomics_helper+0x4b6e/0x5450 [ 14.825150] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.825173] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.825197] ? trace_hardirqs_on+0x37/0xe0 [ 14.825219] ? kasan_atomics+0x152/0x310 [ 14.825246] kasan_atomics+0x1dc/0x310 [ 14.825269] ? __pfx_kasan_atomics+0x10/0x10 [ 14.825292] ? __pfx_kasan_atomics+0x10/0x10 [ 14.825319] kunit_try_run_case+0x1a5/0x480 [ 14.825343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825378] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.825402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.825426] ? __kthread_parkme+0x82/0x180 [ 14.825446] ? preempt_count_sub+0x50/0x80 [ 14.825470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.825517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.825540] kthread+0x337/0x6f0 [ 14.825559] ? trace_preempt_on+0x20/0xc0 [ 14.825581] ? __pfx_kthread+0x10/0x10 [ 14.825602] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.825624] ? 
calculate_sigpending+0x7b/0xa0 [ 14.825647] ? __pfx_kthread+0x10/0x10 [ 14.825669] ret_from_fork+0x116/0x1d0 [ 14.825740] ? __pfx_kthread+0x10/0x10 [ 14.825764] ret_from_fork_asm+0x1a/0x30 [ 14.825795] </TASK> [ 14.825806] [ 14.833590] Allocated by task 283: [ 14.833755] kasan_save_stack+0x45/0x70 [ 14.833966] kasan_save_track+0x18/0x40 [ 14.834158] kasan_save_alloc_info+0x3b/0x50 [ 14.834369] __kasan_kmalloc+0xb7/0xc0 [ 14.834558] __kmalloc_cache_noprof+0x189/0x420 [ 14.835077] kasan_atomics+0x95/0x310 [ 14.835286] kunit_try_run_case+0x1a5/0x480 [ 14.835739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.836017] kthread+0x337/0x6f0 [ 14.836190] ret_from_fork+0x116/0x1d0 [ 14.836432] ret_from_fork_asm+0x1a/0x30 [ 14.836641] [ 14.836783] The buggy address belongs to the object at ffff888102744f80 [ 14.836783] which belongs to the cache kmalloc-64 of size 64 [ 14.837229] The buggy address is located 0 bytes to the right of [ 14.837229] allocated 48-byte region [ffff888102744f80, ffff888102744fb0) [ 14.838048] [ 14.838139] The buggy address belongs to the physical page: [ 14.838312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102744 [ 14.838546] flags: 0x200000000000000(node=0|zone=2) [ 14.839118] page_type: f5(slab) [ 14.839289] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.839673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.839931] page dumped because: kasan: bad access detected [ 14.840099] [ 14.840167] Memory state around the buggy address: [ 14.840318] ffff888102744e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.840529] ffff888102744f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.840774] >ffff888102744f80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.841094] ^ [ 14.841320] ffff888102745000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.841646] ffff888102745080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.842064] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.647564] ================================================================== [ 14.647921] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.648461] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.648884] [ 14.649131] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.649173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649205] Call Trace: [ 14.649216] <TASK> [ 14.649229] dump_stack_lvl+0x73/0xb0 [ 14.649256] print_report+0xd1/0x610 [ 14.649277] ? __virt_addr_valid+0x1db/0x2d0 [ 14.649297] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.649343] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649402] kasan_report+0x141/0x180 [ 14.649424] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649465] kasan_check_range+0x10c/0x1c0 [ 14.649488] __kasan_check_write+0x18/0x20 [ 14.649506] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649542] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.649569] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.649594] ? trace_hardirqs_on+0x37/0xe0 [ 14.649615] ? kasan_bitops_generic+0x92/0x1c0 [ 14.649640] kasan_bitops_generic+0x121/0x1c0 [ 14.649663] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.649715] ? __pfx_read_tsc+0x10/0x10 [ 14.649735] ? ktime_get_ts64+0x86/0x230 [ 14.649758] kunit_try_run_case+0x1a5/0x480 [ 14.649791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.649813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.649836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.649857] ? __kthread_parkme+0x82/0x180 [ 14.649900] ? preempt_count_sub+0x50/0x80 [ 14.649933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.649956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650006] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.650030] kthread+0x337/0x6f0 [ 14.650049] ? trace_preempt_on+0x20/0xc0 [ 14.650080] ? __pfx_kthread+0x10/0x10 [ 14.650100] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.650119] ? calculate_sigpending+0x7b/0xa0 [ 14.650142] ? __pfx_kthread+0x10/0x10 [ 14.650187] ret_from_fork+0x116/0x1d0 [ 14.650205] ? __pfx_kthread+0x10/0x10 [ 14.650223] ret_from_fork_asm+0x1a/0x30 [ 14.650264] </TASK> [ 14.650275] [ 14.658877] Allocated by task 279: [ 14.659047] kasan_save_stack+0x45/0x70 [ 14.659265] kasan_save_track+0x18/0x40 [ 14.659485] kasan_save_alloc_info+0x3b/0x50 [ 14.659747] __kasan_kmalloc+0xb7/0xc0 [ 14.659976] __kmalloc_cache_noprof+0x189/0x420 [ 14.660239] kasan_bitops_generic+0x92/0x1c0 [ 14.660526] kunit_try_run_case+0x1a5/0x480 [ 14.660670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.660930] kthread+0x337/0x6f0 [ 14.661059] ret_from_fork+0x116/0x1d0 [ 14.661241] ret_from_fork_asm+0x1a/0x30 [ 14.661432] [ 14.661539] The buggy address belongs to the object at ffff888100fffac0 [ 14.661539] which belongs to the cache kmalloc-16 of size 16 [ 14.662095] The buggy address is located 8 bytes inside of [ 14.662095] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.662606] [ 14.662712] The buggy address belongs to the physical page: [ 14.662968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.663332] flags: 0x200000000000000(node=0|zone=2) [ 14.663563] page_type: f5(slab) [ 14.663770] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.664137] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.664481] page dumped because: kasan: bad access detected [ 14.664762] [ 14.664854] Memory state around the buggy address: [ 14.665112] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.665356] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.665697] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 14.666021] ^ [ 14.666276] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666603] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666964] ================================================================== [ 14.535166] ================================================================== [ 14.535541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.536326] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.537026] [ 14.537246] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.537287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.537298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.537318] Call Trace: [ 14.537334] <TASK> [ 14.537348] dump_stack_lvl+0x73/0xb0 [ 14.537373] print_report+0xd1/0x610 [ 14.537394] ? __virt_addr_valid+0x1db/0x2d0 [ 14.537415] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.537462] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537488] kasan_report+0x141/0x180 [ 14.537519] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537550] kasan_check_range+0x10c/0x1c0 [ 14.537572] __kasan_check_write+0x18/0x20 [ 14.537590] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537616] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.537643] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.537666] ? trace_hardirqs_on+0x37/0xe0 [ 14.537714] ? kasan_bitops_generic+0x92/0x1c0 [ 14.537740] kasan_bitops_generic+0x121/0x1c0 [ 14.537957] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.537981] ? __pfx_read_tsc+0x10/0x10 [ 14.538001] ? ktime_get_ts64+0x86/0x230 [ 14.538023] kunit_try_run_case+0x1a5/0x480 [ 14.538046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.538068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.538090] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.538113] ? __kthread_parkme+0x82/0x180 [ 14.538131] ? preempt_count_sub+0x50/0x80 [ 14.538153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.538176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.538197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.538220] kthread+0x337/0x6f0 [ 14.538239] ? trace_preempt_on+0x20/0xc0 [ 14.538260] ? __pfx_kthread+0x10/0x10 [ 14.538280] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.538300] ? calculate_sigpending+0x7b/0xa0 [ 14.538322] ? __pfx_kthread+0x10/0x10 [ 14.538342] ret_from_fork+0x116/0x1d0 [ 14.538373] ? __pfx_kthread+0x10/0x10 [ 14.538393] ret_from_fork_asm+0x1a/0x30 [ 14.538422] </TASK> [ 14.538431] [ 14.554938] Allocated by task 279: [ 14.555148] kasan_save_stack+0x45/0x70 [ 14.555557] kasan_save_track+0x18/0x40 [ 14.555788] kasan_save_alloc_info+0x3b/0x50 [ 14.556136] __kasan_kmalloc+0xb7/0xc0 [ 14.556548] __kmalloc_cache_noprof+0x189/0x420 [ 14.556949] kasan_bitops_generic+0x92/0x1c0 [ 14.557259] kunit_try_run_case+0x1a5/0x480 [ 14.557574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.557881] kthread+0x337/0x6f0 [ 14.558261] ret_from_fork+0x116/0x1d0 [ 14.558617] ret_from_fork_asm+0x1a/0x30 [ 14.558959] [ 14.559179] The buggy address belongs to the object at ffff888100fffac0 [ 14.559179] which belongs to the cache kmalloc-16 of size 16 [ 14.559951] The buggy address is located 8 bytes inside of [ 14.559951] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.561111] [ 14.561449] The buggy address belongs to the physical page: [ 14.561676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.562177] flags: 0x200000000000000(node=0|zone=2) [ 14.562704] page_type: f5(slab) [ 14.563087] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.563790] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.564446] page dumped because: kasan: bad access detected [ 14.564628] [ 14.564810] 
Memory state around the buggy address: [ 14.565259] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.565952] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.566563] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.567043] ^ [ 14.567345] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.567996] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.568491] ================================================================== [ 14.727615] ================================================================== [ 14.728019] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.728517] Read of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.729031] [ 14.729142] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.729194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.729206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.729225] Call Trace: [ 14.729238] <TASK> [ 14.729251] dump_stack_lvl+0x73/0xb0 [ 14.729278] print_report+0xd1/0x610 [ 14.729298] ? __virt_addr_valid+0x1db/0x2d0 [ 14.729319] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.729397] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729424] kasan_report+0x141/0x180 [ 14.729444] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729486] __asan_report_load8_noabort+0x18/0x20 [ 14.729509] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729562] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.729589] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.729612] ? trace_hardirqs_on+0x37/0xe0 [ 14.729643] ? kasan_bitops_generic+0x92/0x1c0 [ 14.729670] kasan_bitops_generic+0x121/0x1c0 [ 14.729703] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.729726] ? 
__pfx_read_tsc+0x10/0x10 [ 14.729745] ? ktime_get_ts64+0x86/0x230 [ 14.729768] kunit_try_run_case+0x1a5/0x480 [ 14.729817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.729838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.729862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.729895] ? __kthread_parkme+0x82/0x180 [ 14.729923] ? preempt_count_sub+0x50/0x80 [ 14.729946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.729995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.730017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.730040] kthread+0x337/0x6f0 [ 14.730069] ? trace_preempt_on+0x20/0xc0 [ 14.730090] ? __pfx_kthread+0x10/0x10 [ 14.730110] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.730156] ? calculate_sigpending+0x7b/0xa0 [ 14.730178] ? __pfx_kthread+0x10/0x10 [ 14.730198] ret_from_fork+0x116/0x1d0 [ 14.730226] ? __pfx_kthread+0x10/0x10 [ 14.730246] ret_from_fork_asm+0x1a/0x30 [ 14.730292] </TASK> [ 14.730311] [ 14.738453] Allocated by task 279: [ 14.738649] kasan_save_stack+0x45/0x70 [ 14.738872] kasan_save_track+0x18/0x40 [ 14.739098] kasan_save_alloc_info+0x3b/0x50 [ 14.739380] __kasan_kmalloc+0xb7/0xc0 [ 14.739587] __kmalloc_cache_noprof+0x189/0x420 [ 14.739964] kasan_bitops_generic+0x92/0x1c0 [ 14.740170] kunit_try_run_case+0x1a5/0x480 [ 14.740370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.740613] kthread+0x337/0x6f0 [ 14.740898] ret_from_fork+0x116/0x1d0 [ 14.741092] ret_from_fork_asm+0x1a/0x30 [ 14.741286] [ 14.741377] The buggy address belongs to the object at ffff888100fffac0 [ 14.741377] which belongs to the cache kmalloc-16 of size 16 [ 14.741917] The buggy address is located 8 bytes inside of [ 14.741917] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.742462] [ 14.742533] The buggy address belongs to the physical page: [ 14.742719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.743135] flags: 0x200000000000000(node=0|zone=2) [ 14.743417] page_type: f5(slab) [ 14.743585] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.743897] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.744133] page dumped because: kasan: bad access detected [ 14.744299] [ 14.744365] Memory state around the buggy address: [ 14.744586] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.745282] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.745594] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.746023] ^ [ 14.746271] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746606] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746984] ================================================================== [ 14.625275] ================================================================== [ 14.625493] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.625981] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.626356] [ 14.626463] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.626504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.626515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.626535] Call Trace: [ 14.626550] <TASK> [ 14.626564] dump_stack_lvl+0x73/0xb0 [ 14.626590] print_report+0xd1/0x610 [ 14.626610] ? __virt_addr_valid+0x1db/0x2d0 [ 14.626630] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.626678] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626716] kasan_report+0x141/0x180 [ 14.626736] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626767] kasan_check_range+0x10c/0x1c0 [ 14.626790] __kasan_check_write+0x18/0x20 [ 14.626808] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626834] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.626862] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.626884] ? trace_hardirqs_on+0x37/0xe0 [ 14.626916] ? kasan_bitops_generic+0x92/0x1c0 [ 14.626943] kasan_bitops_generic+0x121/0x1c0 [ 14.626964] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.626989] ? __pfx_read_tsc+0x10/0x10 [ 14.627008] ? ktime_get_ts64+0x86/0x230 [ 14.627031] kunit_try_run_case+0x1a5/0x480 [ 14.627057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.627101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.627123] ? __kthread_parkme+0x82/0x180 [ 14.627141] ? preempt_count_sub+0x50/0x80 [ 14.627163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.627208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.627230] kthread+0x337/0x6f0 [ 14.627248] ? trace_preempt_on+0x20/0xc0 [ 14.627269] ? __pfx_kthread+0x10/0x10 [ 14.627288] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.627308] ? calculate_sigpending+0x7b/0xa0 [ 14.627330] ? __pfx_kthread+0x10/0x10 [ 14.627350] ret_from_fork+0x116/0x1d0 [ 14.627367] ? 
__pfx_kthread+0x10/0x10 [ 14.627388] ret_from_fork_asm+0x1a/0x30 [ 14.627417] </TASK> [ 14.627426] [ 14.637653] Allocated by task 279: [ 14.637866] kasan_save_stack+0x45/0x70 [ 14.638098] kasan_save_track+0x18/0x40 [ 14.638345] kasan_save_alloc_info+0x3b/0x50 [ 14.638553] __kasan_kmalloc+0xb7/0xc0 [ 14.638726] __kmalloc_cache_noprof+0x189/0x420 [ 14.638874] kasan_bitops_generic+0x92/0x1c0 [ 14.639072] kunit_try_run_case+0x1a5/0x480 [ 14.639424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.639672] kthread+0x337/0x6f0 [ 14.639829] ret_from_fork+0x116/0x1d0 [ 14.640048] ret_from_fork_asm+0x1a/0x30 [ 14.640261] [ 14.640384] The buggy address belongs to the object at ffff888100fffac0 [ 14.640384] which belongs to the cache kmalloc-16 of size 16 [ 14.641242] The buggy address is located 8 bytes inside of [ 14.641242] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.641833] [ 14.641901] The buggy address belongs to the physical page: [ 14.642162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.642688] flags: 0x200000000000000(node=0|zone=2) [ 14.643056] page_type: f5(slab) [ 14.643263] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.643579] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.643971] page dumped because: kasan: bad access detected [ 14.644219] [ 14.644305] Memory state around the buggy address: [ 14.644669] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.644998] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.645312] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.645611] ^ [ 14.646142] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.646494] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.646807] ================================================================== [ 14.569340] 
================================================================== [ 14.569582] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.569860] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.570101] [ 14.570186] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.570227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.570238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.570258] Call Trace: [ 14.570273] <TASK> [ 14.570286] dump_stack_lvl+0x73/0xb0 [ 14.570311] print_report+0xd1/0x610 [ 14.570332] ? __virt_addr_valid+0x1db/0x2d0 [ 14.570353] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.570400] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570426] kasan_report+0x141/0x180 [ 14.570447] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570477] kasan_check_range+0x10c/0x1c0 [ 14.570499] __kasan_check_write+0x18/0x20 [ 14.570517] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570542] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.570569] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.570591] ? trace_hardirqs_on+0x37/0xe0 [ 14.570612] ? kasan_bitops_generic+0x92/0x1c0 [ 14.570638] kasan_bitops_generic+0x121/0x1c0 [ 14.570659] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.570682] ? __pfx_read_tsc+0x10/0x10 [ 14.570702] ? ktime_get_ts64+0x86/0x230 [ 14.570725] kunit_try_run_case+0x1a5/0x480 [ 14.570747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.570768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.570791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.570812] ? __kthread_parkme+0x82/0x180 [ 14.570831] ? preempt_count_sub+0x50/0x80 [ 14.570853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.570876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.570897] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.570944] kthread+0x337/0x6f0 [ 14.570962] ? trace_preempt_on+0x20/0xc0 [ 14.570982] ? __pfx_kthread+0x10/0x10 [ 14.571002] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.571021] ? calculate_sigpending+0x7b/0xa0 [ 14.571044] ? __pfx_kthread+0x10/0x10 [ 14.571069] ret_from_fork+0x116/0x1d0 [ 14.571102] ? __pfx_kthread+0x10/0x10 [ 14.571135] ret_from_fork_asm+0x1a/0x30 [ 14.571177] </TASK> [ 14.571187] [ 14.590363] Allocated by task 279: [ 14.590614] kasan_save_stack+0x45/0x70 [ 14.591054] kasan_save_track+0x18/0x40 [ 14.591340] kasan_save_alloc_info+0x3b/0x50 [ 14.591735] __kasan_kmalloc+0xb7/0xc0 [ 14.591993] __kmalloc_cache_noprof+0x189/0x420 [ 14.592427] kasan_bitops_generic+0x92/0x1c0 [ 14.592867] kunit_try_run_case+0x1a5/0x480 [ 14.593335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.593524] kthread+0x337/0x6f0 [ 14.593643] ret_from_fork+0x116/0x1d0 [ 14.593997] ret_from_fork_asm+0x1a/0x30 [ 14.594403] [ 14.594592] The buggy address belongs to the object at ffff888100fffac0 [ 14.594592] which belongs to the cache kmalloc-16 of size 16 [ 14.595837] The buggy address is located 8 bytes inside of [ 14.595837] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.596809] [ 14.597076] The buggy address belongs to the physical page: [ 14.597583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.598255] flags: 0x200000000000000(node=0|zone=2) [ 14.598459] page_type: f5(slab) [ 14.598762] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.599562] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.600104] page dumped because: kasan: bad access detected [ 14.600269] [ 14.600334] Memory state around the buggy address: [ 14.600967] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.601185] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.601393] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 14.601597] ^ [ 14.602105] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.602335] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.602787] ================================================================== [ 14.706994] ================================================================== [ 14.707700] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708113] Read of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.708436] [ 14.708541] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.708581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.708592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.708612] Call Trace: [ 14.708627] <TASK> [ 14.708641] dump_stack_lvl+0x73/0xb0 [ 14.708667] print_report+0xd1/0x610 [ 14.708697] ? __virt_addr_valid+0x1db/0x2d0 [ 14.708717] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708744] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.708765] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708828] kasan_report+0x141/0x180 [ 14.708849] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708917] kasan_check_range+0x10c/0x1c0 [ 14.708942] __kasan_check_read+0x15/0x20 [ 14.708959] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708986] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.709013] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.709035] ? trace_hardirqs_on+0x37/0xe0 [ 14.709055] ? kasan_bitops_generic+0x92/0x1c0 [ 14.709081] kasan_bitops_generic+0x121/0x1c0 [ 14.709103] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.709127] ? __pfx_read_tsc+0x10/0x10 [ 14.709146] ? ktime_get_ts64+0x86/0x230 [ 14.709169] kunit_try_run_case+0x1a5/0x480 [ 14.709191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.709213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.709234] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.709257] ? __kthread_parkme+0x82/0x180 [ 14.709275] ? preempt_count_sub+0x50/0x80 [ 14.709297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.709320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.709342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.709365] kthread+0x337/0x6f0 [ 14.709384] ? trace_preempt_on+0x20/0xc0 [ 14.709406] ? __pfx_kthread+0x10/0x10 [ 14.709425] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.709445] ? calculate_sigpending+0x7b/0xa0 [ 14.709467] ? __pfx_kthread+0x10/0x10 [ 14.709488] ret_from_fork+0x116/0x1d0 [ 14.709505] ? __pfx_kthread+0x10/0x10 [ 14.709524] ret_from_fork_asm+0x1a/0x30 [ 14.709554] </TASK> [ 14.709563] [ 14.718603] Allocated by task 279: [ 14.718793] kasan_save_stack+0x45/0x70 [ 14.719008] kasan_save_track+0x18/0x40 [ 14.719242] kasan_save_alloc_info+0x3b/0x50 [ 14.719485] __kasan_kmalloc+0xb7/0xc0 [ 14.719681] __kmalloc_cache_noprof+0x189/0x420 [ 14.719946] kasan_bitops_generic+0x92/0x1c0 [ 14.720138] kunit_try_run_case+0x1a5/0x480 [ 14.720280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.720447] kthread+0x337/0x6f0 [ 14.720563] ret_from_fork+0x116/0x1d0 [ 14.720719] ret_from_fork_asm+0x1a/0x30 [ 14.720934] [ 14.721027] The buggy address belongs to the object at ffff888100fffac0 [ 14.721027] which belongs to the cache kmalloc-16 of size 16 [ 14.721538] The buggy address is located 8 bytes inside of [ 14.721538] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.722024] [ 14.722092] The buggy address belongs to the physical page: [ 14.722528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.722863] flags: 0x200000000000000(node=0|zone=2) [ 14.723123] page_type: f5(slab) [ 14.723309] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.723655] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.724028] page dumped because: kasan: bad access detected [ 14.724301] [ 14.724396] 
Memory state around the buggy address: [ 14.724612] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.725051] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.725398] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.725730] ^ [ 14.725994] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726303] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726629] ================================================================== [ 14.667678] ================================================================== [ 14.668000] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.668420] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.668831] [ 14.668981] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.669022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.669033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.669052] Call Trace: [ 14.669065] <TASK> [ 14.669077] dump_stack_lvl+0x73/0xb0 [ 14.669104] print_report+0xd1/0x610 [ 14.669125] ? __virt_addr_valid+0x1db/0x2d0 [ 14.669146] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.669194] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669221] kasan_report+0x141/0x180 [ 14.669242] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669273] kasan_check_range+0x10c/0x1c0 [ 14.669295] __kasan_check_write+0x18/0x20 [ 14.669313] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669339] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.669366] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.669388] ? trace_hardirqs_on+0x37/0xe0 [ 14.669410] ? kasan_bitops_generic+0x92/0x1c0 [ 14.669436] kasan_bitops_generic+0x121/0x1c0 [ 14.669457] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.669481] ? __pfx_read_tsc+0x10/0x10 [ 14.669500] ? ktime_get_ts64+0x86/0x230 [ 14.669523] kunit_try_run_case+0x1a5/0x480 [ 14.669546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.669642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.669671] ? __kthread_parkme+0x82/0x180 [ 14.669690] ? preempt_count_sub+0x50/0x80 [ 14.669713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.669780] kthread+0x337/0x6f0 [ 14.669798] ? trace_preempt_on+0x20/0xc0 [ 14.669818] ? __pfx_kthread+0x10/0x10 [ 14.669837] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.669858] ? calculate_sigpending+0x7b/0xa0 [ 14.669879] ? __pfx_kthread+0x10/0x10 [ 14.669899] ret_from_fork+0x116/0x1d0 [ 14.669927] ? __pfx_kthread+0x10/0x10 [ 14.669946] ret_from_fork_asm+0x1a/0x30 [ 14.669976] </TASK> [ 14.669984] [ 14.678287] Allocated by task 279: [ 14.678414] kasan_save_stack+0x45/0x70 [ 14.678553] kasan_save_track+0x18/0x40 [ 14.678721] kasan_save_alloc_info+0x3b/0x50 [ 14.678977] __kasan_kmalloc+0xb7/0xc0 [ 14.679183] __kmalloc_cache_noprof+0x189/0x420 [ 14.679406] kasan_bitops_generic+0x92/0x1c0 [ 14.679657] kunit_try_run_case+0x1a5/0x480 [ 14.679875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.680174] kthread+0x337/0x6f0 [ 14.680345] ret_from_fork+0x116/0x1d0 [ 14.680569] ret_from_fork_asm+0x1a/0x30 [ 14.680825] [ 14.680921] The buggy address belongs to the object at ffff888100fffac0 [ 14.680921] which belongs to the cache kmalloc-16 of size 16 [ 14.681470] The buggy address is located 8 bytes inside of [ 14.681470] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.682060] [ 14.682187] The buggy address belongs to the physical page: [ 14.682453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.682877] flags: 0x200000000000000(node=0|zone=2) [ 14.683133] 
page_type: f5(slab) [ 14.683342] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.683726] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.684075] page dumped because: kasan: bad access detected [ 14.684335] [ 14.684436] Memory state around the buggy address: [ 14.684644] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.685053] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.685341] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.685609] ^ [ 14.686080] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686350] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686610] ================================================================== [ 14.687428] ================================================================== [ 14.687922] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.688331] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.688671] [ 14.688785] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.688825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.688836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.688883] Call Trace: [ 14.688896] <TASK> [ 14.688925] dump_stack_lvl+0x73/0xb0 [ 14.688952] print_report+0xd1/0x610 [ 14.688973] ? __virt_addr_valid+0x1db/0x2d0 [ 14.688994] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.689068] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689095] kasan_report+0x141/0x180 [ 14.689125] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689157] kasan_check_range+0x10c/0x1c0 [ 14.689204] __kasan_check_write+0x18/0x20 [ 14.689223] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689249] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.689286] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.689308] ? trace_hardirqs_on+0x37/0xe0 [ 14.689329] ? kasan_bitops_generic+0x92/0x1c0 [ 14.689381] kasan_bitops_generic+0x121/0x1c0 [ 14.689403] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.689427] ? __pfx_read_tsc+0x10/0x10 [ 14.689456] ? ktime_get_ts64+0x86/0x230 [ 14.689479] kunit_try_run_case+0x1a5/0x480 [ 14.689528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.689572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.689605] ? __kthread_parkme+0x82/0x180 [ 14.689623] ? preempt_count_sub+0x50/0x80 [ 14.689662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.689733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.689756] kthread+0x337/0x6f0 [ 14.689802] ? trace_preempt_on+0x20/0xc0 [ 14.689822] ? __pfx_kthread+0x10/0x10 [ 14.689842] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.689862] ? calculate_sigpending+0x7b/0xa0 [ 14.689884] ? __pfx_kthread+0x10/0x10 [ 14.689914] ret_from_fork+0x116/0x1d0 [ 14.689931] ? 
__pfx_kthread+0x10/0x10 [ 14.689951] ret_from_fork_asm+0x1a/0x30 [ 14.690006] </TASK> [ 14.690015] [ 14.698665] Allocated by task 279: [ 14.698883] kasan_save_stack+0x45/0x70 [ 14.699112] kasan_save_track+0x18/0x40 [ 14.699305] kasan_save_alloc_info+0x3b/0x50 [ 14.699531] __kasan_kmalloc+0xb7/0xc0 [ 14.699672] __kmalloc_cache_noprof+0x189/0x420 [ 14.699938] kasan_bitops_generic+0x92/0x1c0 [ 14.700146] kunit_try_run_case+0x1a5/0x480 [ 14.700348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.700626] kthread+0x337/0x6f0 [ 14.700977] ret_from_fork+0x116/0x1d0 [ 14.701162] ret_from_fork_asm+0x1a/0x30 [ 14.701297] [ 14.701365] The buggy address belongs to the object at ffff888100fffac0 [ 14.701365] which belongs to the cache kmalloc-16 of size 16 [ 14.701887] The buggy address is located 8 bytes inside of [ 14.701887] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.702534] [ 14.702643] The buggy address belongs to the physical page: [ 14.702930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.703229] flags: 0x200000000000000(node=0|zone=2) [ 14.703460] page_type: f5(slab) [ 14.703597] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.703897] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.704123] page dumped because: kasan: bad access detected [ 14.704287] [ 14.704352] Memory state around the buggy address: [ 14.704499] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.704706] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.704941] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.705282] ^ [ 14.705756] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.706092] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.706406] ================================================================== [ 14.603286] 
================================================================== [ 14.603866] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.604256] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.604545] [ 14.604656] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.604697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.604708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.604758] Call Trace: [ 14.604773] <TASK> [ 14.604787] dump_stack_lvl+0x73/0xb0 [ 14.604897] print_report+0xd1/0x610 [ 14.604930] ? __virt_addr_valid+0x1db/0x2d0 [ 14.604951] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.604977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.604997] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.605023] kasan_report+0x141/0x180 [ 14.605045] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.605075] kasan_check_range+0x10c/0x1c0 [ 14.605098] __kasan_check_write+0x18/0x20 [ 14.605117] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.605144] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.605171] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.605192] ? trace_hardirqs_on+0x37/0xe0 [ 14.605213] ? kasan_bitops_generic+0x92/0x1c0 [ 14.605239] kasan_bitops_generic+0x121/0x1c0 [ 14.605261] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.605285] ? __pfx_read_tsc+0x10/0x10 [ 14.605305] ? ktime_get_ts64+0x86/0x230 [ 14.605328] kunit_try_run_case+0x1a5/0x480 [ 14.605351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.605372] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.605394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.605416] ? __kthread_parkme+0x82/0x180 [ 14.605435] ? preempt_count_sub+0x50/0x80 [ 14.605457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.605480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.605501] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.605524] kthread+0x337/0x6f0 [ 14.605542] ? trace_preempt_on+0x20/0xc0 [ 14.605562] ? __pfx_kthread+0x10/0x10 [ 14.605581] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.605602] ? calculate_sigpending+0x7b/0xa0 [ 14.605624] ? __pfx_kthread+0x10/0x10 [ 14.605645] ret_from_fork+0x116/0x1d0 [ 14.605662] ? __pfx_kthread+0x10/0x10 [ 14.605682] ret_from_fork_asm+0x1a/0x30 [ 14.605711] </TASK> [ 14.605721] [ 14.615833] Allocated by task 279: [ 14.616110] kasan_save_stack+0x45/0x70 [ 14.616314] kasan_save_track+0x18/0x40 [ 14.616461] kasan_save_alloc_info+0x3b/0x50 [ 14.616604] __kasan_kmalloc+0xb7/0xc0 [ 14.616731] __kmalloc_cache_noprof+0x189/0x420 [ 14.616882] kasan_bitops_generic+0x92/0x1c0 [ 14.617157] kunit_try_run_case+0x1a5/0x480 [ 14.617507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.617927] kthread+0x337/0x6f0 [ 14.618161] ret_from_fork+0x116/0x1d0 [ 14.618416] ret_from_fork_asm+0x1a/0x30 [ 14.618551] [ 14.618619] The buggy address belongs to the object at ffff888100fffac0 [ 14.618619] which belongs to the cache kmalloc-16 of size 16 [ 14.619451] The buggy address is located 8 bytes inside of [ 14.619451] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.620206] [ 14.620307] The buggy address belongs to the physical page: [ 14.620593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.620824] flags: 0x200000000000000(node=0|zone=2) [ 14.620991] page_type: f5(slab) [ 14.621141] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.621554] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.622150] page dumped because: kasan: bad access detected [ 14.622500] [ 14.622639] Memory state around the buggy address: [ 14.622935] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.623272] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.623482] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 14.624113] ^ [ 14.624392] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.624723] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.624939] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.376415] ================================================================== [ 14.376748] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.377145] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.377899] [ 14.378029] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.378089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.378101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.378121] Call Trace: [ 14.378137] <TASK> [ 14.378152] dump_stack_lvl+0x73/0xb0 [ 14.378181] print_report+0xd1/0x610 [ 14.378203] ? __virt_addr_valid+0x1db/0x2d0 [ 14.378224] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.378248] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.378270] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.378294] kasan_report+0x141/0x180 [ 14.378317] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.378347] kasan_check_range+0x10c/0x1c0 [ 14.378369] __kasan_check_write+0x18/0x20 [ 14.378388] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.378412] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.378437] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.378460] ? trace_hardirqs_on+0x37/0xe0 [ 14.378480] ? kasan_bitops_generic+0x92/0x1c0 [ 14.378507] kasan_bitops_generic+0x116/0x1c0 [ 14.378529] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.378555] ? __pfx_read_tsc+0x10/0x10 [ 14.378575] ? ktime_get_ts64+0x86/0x230 [ 14.378598] kunit_try_run_case+0x1a5/0x480 [ 14.378621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.378642] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.378664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.378686] ? __kthread_parkme+0x82/0x180 [ 14.378705] ? preempt_count_sub+0x50/0x80 [ 14.378727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.378750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.378772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.378807] kthread+0x337/0x6f0 [ 14.378826] ? 
trace_preempt_on+0x20/0xc0 [ 14.378847] ? __pfx_kthread+0x10/0x10 [ 14.378866] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.378887] ? calculate_sigpending+0x7b/0xa0 [ 14.378919] ? __pfx_kthread+0x10/0x10 [ 14.378940] ret_from_fork+0x116/0x1d0 [ 14.378957] ? __pfx_kthread+0x10/0x10 [ 14.378977] ret_from_fork_asm+0x1a/0x30 [ 14.379006] </TASK> [ 14.379016] [ 14.390679] Allocated by task 279: [ 14.391083] kasan_save_stack+0x45/0x70 [ 14.391383] kasan_save_track+0x18/0x40 [ 14.391863] kasan_save_alloc_info+0x3b/0x50 [ 14.392222] __kasan_kmalloc+0xb7/0xc0 [ 14.392664] __kmalloc_cache_noprof+0x189/0x420 [ 14.392866] kasan_bitops_generic+0x92/0x1c0 [ 14.393095] kunit_try_run_case+0x1a5/0x480 [ 14.393288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.393850] kthread+0x337/0x6f0 [ 14.394166] ret_from_fork+0x116/0x1d0 [ 14.394351] ret_from_fork_asm+0x1a/0x30 [ 14.394771] [ 14.394861] The buggy address belongs to the object at ffff888100fffac0 [ 14.394861] which belongs to the cache kmalloc-16 of size 16 [ 14.395341] The buggy address is located 8 bytes inside of [ 14.395341] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.396322] [ 14.396755] The buggy address belongs to the physical page: [ 14.397014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.397527] flags: 0x200000000000000(node=0|zone=2) [ 14.397893] page_type: f5(slab) [ 14.398176] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.398639] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.399153] page dumped because: kasan: bad access detected [ 14.399664] [ 14.399854] Memory state around the buggy address: [ 14.400069] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.400735] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.401025] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.401470] ^ [ 14.401858] ffff888100fffb00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.402316] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.402800] ================================================================== [ 14.321124] ================================================================== [ 14.322236] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.322514] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.322740] [ 14.322826] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.322870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.322881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.322901] Call Trace: [ 14.322957] <TASK> [ 14.322972] dump_stack_lvl+0x73/0xb0 [ 14.323026] print_report+0xd1/0x610 [ 14.323047] ? __virt_addr_valid+0x1db/0x2d0 [ 14.323075] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.323099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.323162] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.323189] kasan_report+0x141/0x180 [ 14.323210] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.323239] kasan_check_range+0x10c/0x1c0 [ 14.323262] __kasan_check_write+0x18/0x20 [ 14.323280] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.323305] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.323403] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.323427] ? trace_hardirqs_on+0x37/0xe0 [ 14.323448] ? kasan_bitops_generic+0x92/0x1c0 [ 14.323503] kasan_bitops_generic+0x116/0x1c0 [ 14.323526] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.323550] ? __pfx_read_tsc+0x10/0x10 [ 14.323570] ? ktime_get_ts64+0x86/0x230 [ 14.323594] kunit_try_run_case+0x1a5/0x480 [ 14.323619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.323642] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.323671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.323733] ? __kthread_parkme+0x82/0x180 [ 14.323777] ? preempt_count_sub+0x50/0x80 [ 14.323801] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.323823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323846] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.323868] kthread+0x337/0x6f0 [ 14.323888] ? trace_preempt_on+0x20/0xc0 [ 14.323920] ? __pfx_kthread+0x10/0x10 [ 14.323940] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.323960] ? calculate_sigpending+0x7b/0xa0 [ 14.323983] ? __pfx_kthread+0x10/0x10 [ 14.324004] ret_from_fork+0x116/0x1d0 [ 14.324021] ? __pfx_kthread+0x10/0x10 [ 14.324040] ret_from_fork_asm+0x1a/0x30 [ 14.324070] </TASK> [ 14.324080] [ 14.334229] Allocated by task 279: [ 14.334501] kasan_save_stack+0x45/0x70 [ 14.334674] kasan_save_track+0x18/0x40 [ 14.334892] kasan_save_alloc_info+0x3b/0x50 [ 14.335068] __kasan_kmalloc+0xb7/0xc0 [ 14.335259] __kmalloc_cache_noprof+0x189/0x420 [ 14.335547] kasan_bitops_generic+0x92/0x1c0 [ 14.335756] kunit_try_run_case+0x1a5/0x480 [ 14.335913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.336087] kthread+0x337/0x6f0 [ 14.336207] ret_from_fork+0x116/0x1d0 [ 14.336426] ret_from_fork_asm+0x1a/0x30 [ 14.336624] [ 14.336738] The buggy address belongs to the object at ffff888100fffac0 [ 14.336738] which belongs to the cache kmalloc-16 of size 16 [ 14.337268] The buggy address is located 8 bytes inside of [ 14.337268] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.337883] [ 14.337993] The buggy address belongs to the physical page: [ 14.338213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.338603] flags: 0x200000000000000(node=0|zone=2) [ 14.338794] page_type: f5(slab) [ 14.338976] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.339325] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.339762] page dumped because: kasan: bad access detected [ 14.339989] [ 14.340060] Memory state around the buggy address: [ 14.340283] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.340663] 
ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.340983] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.341271] ^ [ 14.341551] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.341793] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.342014] ================================================================== [ 14.403802] ================================================================== [ 14.404123] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.405009] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.405626] [ 14.405751] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.405895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.405921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.405942] Call Trace: [ 14.405957] <TASK> [ 14.405971] dump_stack_lvl+0x73/0xb0 [ 14.405999] print_report+0xd1/0x610 [ 14.406021] ? __virt_addr_valid+0x1db/0x2d0 [ 14.406042] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.406067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.406088] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.406112] kasan_report+0x141/0x180 [ 14.406133] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.406163] kasan_check_range+0x10c/0x1c0 [ 14.406185] __kasan_check_write+0x18/0x20 [ 14.406203] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.406228] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.406253] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.406276] ? trace_hardirqs_on+0x37/0xe0 [ 14.406297] ? kasan_bitops_generic+0x92/0x1c0 [ 14.406323] kasan_bitops_generic+0x116/0x1c0 [ 14.406407] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.406433] ? __pfx_read_tsc+0x10/0x10 [ 14.406453] ? ktime_get_ts64+0x86/0x230 [ 14.406476] kunit_try_run_case+0x1a5/0x480 [ 14.406498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.406520] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.406543] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.406565] ? __kthread_parkme+0x82/0x180 [ 14.406584] ? preempt_count_sub+0x50/0x80 [ 14.406606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.406629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.406651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.406673] kthread+0x337/0x6f0 [ 14.406692] ? trace_preempt_on+0x20/0xc0 [ 14.406712] ? __pfx_kthread+0x10/0x10 [ 14.406732] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.406752] ? calculate_sigpending+0x7b/0xa0 [ 14.406774] ? __pfx_kthread+0x10/0x10 [ 14.406795] ret_from_fork+0x116/0x1d0 [ 14.406811] ? __pfx_kthread+0x10/0x10 [ 14.406831] ret_from_fork_asm+0x1a/0x30 [ 14.406861] </TASK> [ 14.406871] [ 14.419975] Allocated by task 279: [ 14.420361] kasan_save_stack+0x45/0x70 [ 14.420870] kasan_save_track+0x18/0x40 [ 14.421197] kasan_save_alloc_info+0x3b/0x50 [ 14.421589] __kasan_kmalloc+0xb7/0xc0 [ 14.421812] __kmalloc_cache_noprof+0x189/0x420 [ 14.422035] kasan_bitops_generic+0x92/0x1c0 [ 14.422260] kunit_try_run_case+0x1a5/0x480 [ 14.422902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.423163] kthread+0x337/0x6f0 [ 14.423519] ret_from_fork+0x116/0x1d0 [ 14.423892] ret_from_fork_asm+0x1a/0x30 [ 14.424204] [ 14.424307] The buggy address belongs to the object at ffff888100fffac0 [ 14.424307] which belongs to the cache kmalloc-16 of size 16 [ 14.425133] The buggy address is located 8 bytes inside of [ 14.425133] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.425955] [ 14.426220] The buggy address belongs to the physical page: [ 14.426540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.427145] flags: 0x200000000000000(node=0|zone=2) [ 14.427649] page_type: f5(slab) [ 14.427841] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.428230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.428866] page dumped because: kasan: 
bad access detected [ 14.429186] [ 14.429262] Memory state around the buggy address: [ 14.429623] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.430130] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.430660] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.431043] ^ [ 14.431402] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.431715] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.432339] ================================================================== [ 14.473468] ================================================================== [ 14.473827] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.474097] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.474502] [ 14.474620] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.474662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.474674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.474694] Call Trace: [ 14.474708] <TASK> [ 14.474723] dump_stack_lvl+0x73/0xb0 [ 14.474749] print_report+0xd1/0x610 [ 14.474772] ? __virt_addr_valid+0x1db/0x2d0 [ 14.474794] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.474818] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.474840] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.474865] kasan_report+0x141/0x180 [ 14.474887] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.474928] kasan_check_range+0x10c/0x1c0 [ 14.474951] __kasan_check_write+0x18/0x20 [ 14.474970] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.474995] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.475020] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.475043] ? trace_hardirqs_on+0x37/0xe0 [ 14.475067] ? kasan_bitops_generic+0x92/0x1c0 [ 14.475093] kasan_bitops_generic+0x116/0x1c0 [ 14.475116] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.475139] ? 
__pfx_read_tsc+0x10/0x10 [ 14.475158] ? ktime_get_ts64+0x86/0x230 [ 14.475181] kunit_try_run_case+0x1a5/0x480 [ 14.475203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.475246] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.475268] ? __kthread_parkme+0x82/0x180 [ 14.475287] ? preempt_count_sub+0x50/0x80 [ 14.475309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.475332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.475353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.475423] kthread+0x337/0x6f0 [ 14.475446] ? trace_preempt_on+0x20/0xc0 [ 14.475467] ? __pfx_kthread+0x10/0x10 [ 14.475486] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.475506] ? calculate_sigpending+0x7b/0xa0 [ 14.475528] ? __pfx_kthread+0x10/0x10 [ 14.475548] ret_from_fork+0x116/0x1d0 [ 14.475566] ? __pfx_kthread+0x10/0x10 [ 14.475585] ret_from_fork_asm+0x1a/0x30 [ 14.475615] </TASK> [ 14.475625] [ 14.484289] Allocated by task 279: [ 14.484421] kasan_save_stack+0x45/0x70 [ 14.484567] kasan_save_track+0x18/0x40 [ 14.484701] kasan_save_alloc_info+0x3b/0x50 [ 14.484848] __kasan_kmalloc+0xb7/0xc0 [ 14.486277] __kmalloc_cache_noprof+0x189/0x420 [ 14.486876] kasan_bitops_generic+0x92/0x1c0 [ 14.487812] kunit_try_run_case+0x1a5/0x480 [ 14.488834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.489729] kthread+0x337/0x6f0 [ 14.490181] ret_from_fork+0x116/0x1d0 [ 14.491069] ret_from_fork_asm+0x1a/0x30 [ 14.491676] [ 14.492046] The buggy address belongs to the object at ffff888100fffac0 [ 14.492046] which belongs to the cache kmalloc-16 of size 16 [ 14.493215] The buggy address is located 8 bytes inside of [ 14.493215] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.493583] [ 14.493656] The buggy address belongs to the physical page: [ 14.494306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.495262] flags: 0x200000000000000(node=0|zone=2) [ 14.495863] page_type: f5(slab) [ 14.496214] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000
[ 14.497160] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.497960] page dumped because: kasan: bad access detected
[ 14.498139]
[ 14.498207] Memory state around the buggy address:
[ 14.498410] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc
[ 14.499241] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc
[ 14.500027] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.500918] ^
[ 14.501465] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.501980] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.502198] ==================================================================
[ 14.453427] ==================================================================
[ 14.453702] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.454081] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279
[ 14.454405]
[ 14.454508] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.454550] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.454560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.454580] Call Trace:
[ 14.454595] <TASK>
[ 14.454609] dump_stack_lvl+0x73/0xb0
[ 14.454634] print_report+0xd1/0x610
[ 14.454656] ? __virt_addr_valid+0x1db/0x2d0
[ 14.454677] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.454706] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.454728] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.454753] kasan_report+0x141/0x180
[ 14.454773] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.454804] kasan_check_range+0x10c/0x1c0
[ 14.454826] __kasan_check_write+0x18/0x20
[ 14.455036] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.455076] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.455103] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.455126] ? trace_hardirqs_on+0x37/0xe0
[ 14.455146] ? kasan_bitops_generic+0x92/0x1c0
[ 14.455172] kasan_bitops_generic+0x116/0x1c0
[ 14.455195] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.455219] ? __pfx_read_tsc+0x10/0x10
[ 14.455238] ? ktime_get_ts64+0x86/0x230
[ 14.455261] kunit_try_run_case+0x1a5/0x480
[ 14.455285] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.455306] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.455328] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.455351] ? __kthread_parkme+0x82/0x180
[ 14.455429] ? preempt_count_sub+0x50/0x80
[ 14.455452] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.455474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.455497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.455519] kthread+0x337/0x6f0
[ 14.455537] ? trace_preempt_on+0x20/0xc0
[ 14.455558] ? __pfx_kthread+0x10/0x10
[ 14.455577] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.455597] ? calculate_sigpending+0x7b/0xa0
[ 14.455619] ? __pfx_kthread+0x10/0x10
[ 14.455639] ret_from_fork+0x116/0x1d0
[ 14.455656] ? __pfx_kthread+0x10/0x10
[ 14.455675] ret_from_fork_asm+0x1a/0x30
[ 14.455704] </TASK>
[ 14.455713]
[ 14.464201] Allocated by task 279:
[ 14.464444] kasan_save_stack+0x45/0x70
[ 14.464622] kasan_save_track+0x18/0x40
[ 14.464844] kasan_save_alloc_info+0x3b/0x50
[ 14.465006] __kasan_kmalloc+0xb7/0xc0
[ 14.465136] __kmalloc_cache_noprof+0x189/0x420
[ 14.465290] kasan_bitops_generic+0x92/0x1c0
[ 14.465437] kunit_try_run_case+0x1a5/0x480
[ 14.465581] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.465756] kthread+0x337/0x6f0
[ 14.465876] ret_from_fork+0x116/0x1d0
[ 14.466216] ret_from_fork_asm+0x1a/0x30
[ 14.466539]
[ 14.466639] The buggy address belongs to the object at ffff888100fffac0
[ 14.466639] which belongs to the cache kmalloc-16 of size 16
[ 14.467386] The buggy address is located 8 bytes inside of
[ 14.467386] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9)
[ 14.468516]
[ 14.468627] The buggy address belongs to the physical page:
[ 14.468996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff
[ 14.469247] flags: 0x200000000000000(node=0|zone=2)
[ 14.469557] page_type: f5(slab)
[ 14.469728] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.470169] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.470470] page dumped because: kasan: bad access detected
[ 14.470684]
[ 14.470836] Memory state around the buggy address:
[ 14.471031] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc
[ 14.471308] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc
[ 14.471703] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.472018] ^
[ 14.472197] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.472460] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.472780] ==================================================================
[ 14.502618] ==================================================================
[ 14.503092] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.503396] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279
[ 14.504326]
[ 14.504520] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.504562] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.504574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.504594] Call Trace:
[ 14.504607] <TASK>
[ 14.504621] dump_stack_lvl+0x73/0xb0
[ 14.504648] print_report+0xd1/0x610
[ 14.504669] ? __virt_addr_valid+0x1db/0x2d0
[ 14.504690] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.504714] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.504735] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.504760] kasan_report+0x141/0x180
[ 14.504781] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.504810] kasan_check_range+0x10c/0x1c0
[ 14.504831] __kasan_check_write+0x18/0x20
[ 14.504849] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.504873] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.504919] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.504942] ? trace_hardirqs_on+0x37/0xe0
[ 14.504962] ? kasan_bitops_generic+0x92/0x1c0
[ 14.505000] kasan_bitops_generic+0x116/0x1c0
[ 14.505021] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.505045] ? __pfx_read_tsc+0x10/0x10
[ 14.505065] ? ktime_get_ts64+0x86/0x230
[ 14.505088] kunit_try_run_case+0x1a5/0x480
[ 14.505112] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.505133] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.505155] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.505177] ? __kthread_parkme+0x82/0x180
[ 14.505206] ? preempt_count_sub+0x50/0x80
[ 14.505228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.505251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.505283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.505306] kthread+0x337/0x6f0
[ 14.505324] ? trace_preempt_on+0x20/0xc0
[ 14.505344] ? __pfx_kthread+0x10/0x10
[ 14.505372] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.505393] ? calculate_sigpending+0x7b/0xa0
[ 14.505415] ? __pfx_kthread+0x10/0x10
[ 14.505444] ret_from_fork+0x116/0x1d0
[ 14.505462] ? __pfx_kthread+0x10/0x10
[ 14.505482] ret_from_fork_asm+0x1a/0x30
[ 14.505521] </TASK>
[ 14.505530]
[ 14.520769] Allocated by task 279:
[ 14.521106] kasan_save_stack+0x45/0x70
[ 14.521585] kasan_save_track+0x18/0x40
[ 14.521979] kasan_save_alloc_info+0x3b/0x50
[ 14.522496] __kasan_kmalloc+0xb7/0xc0
[ 14.522932] __kmalloc_cache_noprof+0x189/0x420
[ 14.523265] kasan_bitops_generic+0x92/0x1c0
[ 14.523713] kunit_try_run_case+0x1a5/0x480
[ 14.523927] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.524422] kthread+0x337/0x6f0
[ 14.524693] ret_from_fork+0x116/0x1d0
[ 14.525023] ret_from_fork_asm+0x1a/0x30
[ 14.525356]
[ 14.525427] The buggy address belongs to the object at ffff888100fffac0
[ 14.525427] which belongs to the cache kmalloc-16 of size 16
[ 14.525858] The buggy address is located 8 bytes inside of
[ 14.525858] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9)
[ 14.526792]
[ 14.526987] The buggy address belongs to the physical page:
[ 14.527489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff
[ 14.528225] flags: 0x200000000000000(node=0|zone=2)
[ 14.528395] page_type: f5(slab)
[ 14.528514] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.529258] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.530062] page dumped because: kasan: bad access detected
[ 14.530641]
[ 14.530820] Memory state around the buggy address:
[ 14.531349] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc
[ 14.531885] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc
[ 14.532410] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.532749] ^
[ 14.533287] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.533605] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.534289] ==================================================================
[ 14.344343] ==================================================================
[ 14.346296] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.347737] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279
[ 14.348095]
[ 14.348187] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.348231] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.348243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.348263] Call Trace:
[ 14.348274] <TASK>
[ 14.348288] dump_stack_lvl+0x73/0xb0
[ 14.348315] print_report+0xd1/0x610
[ 14.348336] ? __virt_addr_valid+0x1db/0x2d0
[ 14.348662] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.348690] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.348711] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.348736] kasan_report+0x141/0x180
[ 14.348758] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.348787] kasan_check_range+0x10c/0x1c0
[ 14.348809] __kasan_check_write+0x18/0x20
[ 14.348827] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.348852] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.348877] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.348900] ? trace_hardirqs_on+0x37/0xe0
[ 14.348937] ? kasan_bitops_generic+0x92/0x1c0
[ 14.348964] kasan_bitops_generic+0x116/0x1c0
[ 14.348986] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.349010] ? __pfx_read_tsc+0x10/0x10
[ 14.349029] ? ktime_get_ts64+0x86/0x230
[ 14.349052] kunit_try_run_case+0x1a5/0x480
[ 14.349074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.349096] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.349118] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.349140] ? __kthread_parkme+0x82/0x180
[ 14.349159] ? preempt_count_sub+0x50/0x80
[ 14.349181] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.349204] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.349226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.349249] kthread+0x337/0x6f0
[ 14.349270] ? trace_preempt_on+0x20/0xc0
[ 14.349294] ? __pfx_kthread+0x10/0x10
[ 14.349316] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.349337] ? calculate_sigpending+0x7b/0xa0
[ 14.349415] ? __pfx_kthread+0x10/0x10
[ 14.349436] ret_from_fork+0x116/0x1d0
[ 14.349454] ? __pfx_kthread+0x10/0x10
[ 14.349473] ret_from_fork_asm+0x1a/0x30
[ 14.349503] </TASK>
[ 14.349512]
[ 14.362066] Allocated by task 279:
[ 14.362553] kasan_save_stack+0x45/0x70
[ 14.362788] kasan_save_track+0x18/0x40
[ 14.363260] kasan_save_alloc_info+0x3b/0x50
[ 14.363822] __kasan_kmalloc+0xb7/0xc0
[ 14.364038] __kmalloc_cache_noprof+0x189/0x420
[ 14.364316] kasan_bitops_generic+0x92/0x1c0
[ 14.364745] kunit_try_run_case+0x1a5/0x480
[ 14.365107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.365353] kthread+0x337/0x6f0
[ 14.365502] ret_from_fork+0x116/0x1d0
[ 14.366020] ret_from_fork_asm+0x1a/0x30
[ 14.366215]
[ 14.366288] The buggy address belongs to the object at ffff888100fffac0
[ 14.366288] which belongs to the cache kmalloc-16 of size 16
[ 14.367239] The buggy address is located 8 bytes inside of
[ 14.367239] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9)
[ 14.368208]
[ 14.368304] The buggy address belongs to the physical page:
[ 14.368861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff
[ 14.369379] flags: 0x200000000000000(node=0|zone=2)
[ 14.369709] page_type: f5(slab)
[ 14.370048] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.370564] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.370993] page dumped because: kasan: bad access detected
[ 14.371332]
[ 14.371450] Memory state around the buggy address:
[ 14.371940] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc
[ 14.372348] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc
[ 14.373071] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.373380] ^
[ 14.373614] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.374172] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.374621] ==================================================================
[ 14.433266] ==================================================================
[ 14.434030] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.434370] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279
[ 14.434815]
[ 14.435049] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.435097] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.435110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.435133] Call Trace:
[ 14.435144] <TASK>
[ 14.435159] dump_stack_lvl+0x73/0xb0
[ 14.435186] print_report+0xd1/0x610
[ 14.435208] ? __virt_addr_valid+0x1db/0x2d0
[ 14.435229] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.435253] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.435274] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.435299] kasan_report+0x141/0x180
[ 14.435319] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.435349] kasan_check_range+0x10c/0x1c0
[ 14.435371] __kasan_check_write+0x18/0x20
[ 14.435389] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.435414] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.435439] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.435462] ? trace_hardirqs_on+0x37/0xe0
[ 14.435483] ? kasan_bitops_generic+0x92/0x1c0
[ 14.435509] kasan_bitops_generic+0x116/0x1c0
[ 14.435531] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.435555] ? __pfx_read_tsc+0x10/0x10
[ 14.435574] ? ktime_get_ts64+0x86/0x230
[ 14.435597] kunit_try_run_case+0x1a5/0x480
[ 14.435619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.435640] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.435663] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.435687] ? __kthread_parkme+0x82/0x180
[ 14.435705] ? preempt_count_sub+0x50/0x80
[ 14.435728] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.435751] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.435773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.435795] kthread+0x337/0x6f0
[ 14.435814] ? trace_preempt_on+0x20/0xc0
[ 14.435834] ? __pfx_kthread+0x10/0x10
[ 14.435854] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.435875] ? calculate_sigpending+0x7b/0xa0
[ 14.435897] ? __pfx_kthread+0x10/0x10
[ 14.435984] ret_from_fork+0x116/0x1d0
[ 14.436003] ? __pfx_kthread+0x10/0x10
[ 14.436022] ret_from_fork_asm+0x1a/0x30
[ 14.436052] </TASK>
[ 14.436061]
[ 14.444864] Allocated by task 279:
[ 14.445063] kasan_save_stack+0x45/0x70
[ 14.445225] kasan_save_track+0x18/0x40
[ 14.445504] kasan_save_alloc_info+0x3b/0x50
[ 14.445753] __kasan_kmalloc+0xb7/0xc0
[ 14.445926] __kmalloc_cache_noprof+0x189/0x420
[ 14.446109] kasan_bitops_generic+0x92/0x1c0
[ 14.446310] kunit_try_run_case+0x1a5/0x480
[ 14.446582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.446817] kthread+0x337/0x6f0
[ 14.446998] ret_from_fork+0x116/0x1d0
[ 14.447153] ret_from_fork_asm+0x1a/0x30
[ 14.447288]
[ 14.447356] The buggy address belongs to the object at ffff888100fffac0
[ 14.447356] which belongs to the cache kmalloc-16 of size 16
[ 14.447696] The buggy address is located 8 bytes inside of
[ 14.447696] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9)
[ 14.448183]
[ 14.448275] The buggy address belongs to the physical page:
[ 14.448701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff
[ 14.449053] flags: 0x200000000000000(node=0|zone=2)
[ 14.449240] page_type: f5(slab)
[ 14.449355] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.449577] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.450344] page dumped because: kasan: bad access detected
[ 14.450650]
[ 14.450837] Memory state around the buggy address:
[ 14.451079] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc
[ 14.451346] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc
[ 14.451653] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 14.451996] ^
[ 14.452190] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.452617] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.453073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.283706] ==================================================================
[ 14.284387] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 14.285067] Read of size 1 at addr ffff888102746ad0 by task kunit_try_catch/276
[ 14.285593]
[ 14.285780] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.285823] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.285835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.285855] Call Trace:
[ 14.285879] <TASK>
[ 14.285894] dump_stack_lvl+0x73/0xb0
[ 14.285939] print_report+0xd1/0x610
[ 14.285962] ? __virt_addr_valid+0x1db/0x2d0
[ 14.285993] ? strnlen+0x73/0x80
[ 14.286011] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.286034] ? strnlen+0x73/0x80
[ 14.286052] kasan_report+0x141/0x180
[ 14.286083] ? strnlen+0x73/0x80
[ 14.286105] __asan_report_load1_noabort+0x18/0x20
[ 14.286128] strnlen+0x73/0x80
[ 14.286147] kasan_strings+0x615/0xe80
[ 14.286167] ? trace_hardirqs_on+0x37/0xe0
[ 14.286189] ? __pfx_kasan_strings+0x10/0x10
[ 14.286209] ? finish_task_switch.isra.0+0x153/0x700
[ 14.286230] ? __switch_to+0x47/0xf50
[ 14.286254] ? __schedule+0x10cc/0x2b60
[ 14.286274] ? __pfx_read_tsc+0x10/0x10
[ 14.286294] ? ktime_get_ts64+0x86/0x230
[ 14.286317] kunit_try_run_case+0x1a5/0x480
[ 14.286340] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.286372] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.286396] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.286418] ? __kthread_parkme+0x82/0x180
[ 14.286438] ? preempt_count_sub+0x50/0x80
[ 14.286461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.286485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.286508] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.286531] kthread+0x337/0x6f0
[ 14.286550] ? trace_preempt_on+0x20/0xc0
[ 14.286572] ? __pfx_kthread+0x10/0x10
[ 14.286592] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.286612] ? calculate_sigpending+0x7b/0xa0
[ 14.286635] ? __pfx_kthread+0x10/0x10
[ 14.286656] ret_from_fork+0x116/0x1d0
[ 14.286674] ? __pfx_kthread+0x10/0x10
[ 14.286741] ret_from_fork_asm+0x1a/0x30
[ 14.286772] </TASK>
[ 14.286782]
[ 14.299221] Allocated by task 276:
[ 14.299664] kasan_save_stack+0x45/0x70
[ 14.300198] kasan_save_track+0x18/0x40
[ 14.300606] kasan_save_alloc_info+0x3b/0x50
[ 14.301110] __kasan_kmalloc+0xb7/0xc0
[ 14.301547] __kmalloc_cache_noprof+0x189/0x420
[ 14.302116] kasan_strings+0xc0/0xe80
[ 14.302482] kunit_try_run_case+0x1a5/0x480
[ 14.302882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.303248] kthread+0x337/0x6f0
[ 14.303376] ret_from_fork+0x116/0x1d0
[ 14.303707] ret_from_fork_asm+0x1a/0x30
[ 14.304139]
[ 14.304296] Freed by task 276:
[ 14.304707] kasan_save_stack+0x45/0x70
[ 14.305061] kasan_save_track+0x18/0x40
[ 14.305198] kasan_save_free_info+0x3f/0x60
[ 14.305346] __kasan_slab_free+0x56/0x70
[ 14.305801] kfree+0x222/0x3f0
[ 14.306138] kasan_strings+0x2aa/0xe80
[ 14.306602] kunit_try_run_case+0x1a5/0x480
[ 14.307135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.307877] kthread+0x337/0x6f0
[ 14.308049] ret_from_fork+0x116/0x1d0
[ 14.308185] ret_from_fork_asm+0x1a/0x30
[ 14.308325]
[ 14.308509] The buggy address belongs to the object at ffff888102746ac0
[ 14.308509] which belongs to the cache kmalloc-32 of size 32
[ 14.309755] The buggy address is located 16 bytes inside of
[ 14.309755] freed 32-byte region [ffff888102746ac0, ffff888102746ae0)
[ 14.310886]
[ 14.311076] The buggy address belongs to the physical page:
[ 14.311638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102746
[ 14.312092] flags: 0x200000000000000(node=0|zone=2)
[ 14.312647] page_type: f5(slab)
[ 14.312972] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.313344] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.314287] page dumped because: kasan: bad access detected
[ 14.314740]
[ 14.314814] Memory state around the buggy address:
[ 14.314981] ffff888102746980: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 14.315202] ffff888102746a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.315704] >ffff888102746a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.316340] ^
[ 14.316932] ffff888102746b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.317587] ffff888102746b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.318215] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.258769] ==================================================================
[ 14.259136] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0
[ 14.259537] Read of size 1 at addr ffff888102746ad0 by task kunit_try_catch/276
[ 14.259889]
[ 14.260018] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.260060] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.260072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.260093] Call Trace:
[ 14.260104] <TASK>
[ 14.260118] dump_stack_lvl+0x73/0xb0
[ 14.260144] print_report+0xd1/0x610
[ 14.260166] ? __virt_addr_valid+0x1db/0x2d0
[ 14.260189] ? strlen+0x8f/0xb0
[ 14.260207] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.260229] ? strlen+0x8f/0xb0
[ 14.260246] kasan_report+0x141/0x180
[ 14.260267] ? strlen+0x8f/0xb0
[ 14.260289] __asan_report_load1_noabort+0x18/0x20
[ 14.260313] strlen+0x8f/0xb0
[ 14.260330] kasan_strings+0x57b/0xe80
[ 14.260393] ? trace_hardirqs_on+0x37/0xe0
[ 14.260416] ? __pfx_kasan_strings+0x10/0x10
[ 14.260437] ? finish_task_switch.isra.0+0x153/0x700
[ 14.260521] ? __switch_to+0x47/0xf50
[ 14.260547] ? __schedule+0x10cc/0x2b60
[ 14.260580] ? __pfx_read_tsc+0x10/0x10
[ 14.260599] ? ktime_get_ts64+0x86/0x230
[ 14.260623] kunit_try_run_case+0x1a5/0x480
[ 14.260659] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.260681] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.260703] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.260726] ? __kthread_parkme+0x82/0x180
[ 14.260746] ? preempt_count_sub+0x50/0x80
[ 14.260778] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.260801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.260825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.260859] kthread+0x337/0x6f0
[ 14.260878] ? trace_preempt_on+0x20/0xc0
[ 14.260900] ? __pfx_kthread+0x10/0x10
[ 14.260930] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.260950] ? calculate_sigpending+0x7b/0xa0
[ 14.260973] ? __pfx_kthread+0x10/0x10
[ 14.260994] ret_from_fork+0x116/0x1d0
[ 14.261012] ? __pfx_kthread+0x10/0x10
[ 14.261031] ret_from_fork_asm+0x1a/0x30
[ 14.261061] </TASK>
[ 14.261071]
[ 14.269794] Allocated by task 276:
[ 14.269939] kasan_save_stack+0x45/0x70
[ 14.270191] kasan_save_track+0x18/0x40
[ 14.270432] kasan_save_alloc_info+0x3b/0x50
[ 14.270681] __kasan_kmalloc+0xb7/0xc0
[ 14.270920] __kmalloc_cache_noprof+0x189/0x420
[ 14.271159] kasan_strings+0xc0/0xe80
[ 14.271516] kunit_try_run_case+0x1a5/0x480
[ 14.271706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.271969] kthread+0x337/0x6f0
[ 14.272114] ret_from_fork+0x116/0x1d0
[ 14.272302] ret_from_fork_asm+0x1a/0x30
[ 14.272539]
[ 14.272637] Freed by task 276:
[ 14.272863] kasan_save_stack+0x45/0x70
[ 14.273085] kasan_save_track+0x18/0x40
[ 14.273274] kasan_save_free_info+0x3f/0x60
[ 14.273574] __kasan_slab_free+0x56/0x70
[ 14.273807] kfree+0x222/0x3f0
[ 14.273972] kasan_strings+0x2aa/0xe80
[ 14.274156] kunit_try_run_case+0x1a5/0x480
[ 14.274444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.274683] kthread+0x337/0x6f0
[ 14.274854] ret_from_fork+0x116/0x1d0
[ 14.275037] ret_from_fork_asm+0x1a/0x30
[ 14.275242]
[ 14.275339] The buggy address belongs to the object at ffff888102746ac0
[ 14.275339] which belongs to the cache kmalloc-32 of size 32
[ 14.276165] The buggy address is located 16 bytes inside of
[ 14.276165] freed 32-byte region [ffff888102746ac0, ffff888102746ae0)
[ 14.276806]
[ 14.276964] The buggy address belongs to the physical page:
[ 14.277136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102746
[ 14.277374] flags: 0x200000000000000(node=0|zone=2)
[ 14.277585] page_type: f5(slab)
[ 14.277822] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.278073] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.278303] page dumped because: kasan: bad access detected
[ 14.278689]
[ 14.278856] Memory state around the buggy address:
[ 14.279329] ffff888102746980: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 14.280124] ffff888102746a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.280350] >ffff888102746a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.280566] ^
[ 14.280754] ffff888102746b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.281898] ffff888102746b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.282680] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.233579] ==================================================================
[ 14.233883] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 14.234205] Read of size 1 at addr ffff888102746ad0 by task kunit_try_catch/276
[ 14.234666]
[ 14.234817] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.234858] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.234870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.234890] Call Trace:
[ 14.234924] <TASK>
[ 14.234938] dump_stack_lvl+0x73/0xb0
[ 14.234967] print_report+0xd1/0x610
[ 14.235001] ? __virt_addr_valid+0x1db/0x2d0
[ 14.235023] ? kasan_strings+0xcbc/0xe80
[ 14.235043] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.235068] ? kasan_strings+0xcbc/0xe80
[ 14.235089] kasan_report+0x141/0x180
[ 14.235120] ? kasan_strings+0xcbc/0xe80
[ 14.235145] __asan_report_load1_noabort+0x18/0x20
[ 14.235168] kasan_strings+0xcbc/0xe80
[ 14.235198] ? trace_hardirqs_on+0x37/0xe0
[ 14.235220] ? __pfx_kasan_strings+0x10/0x10
[ 14.235240] ? finish_task_switch.isra.0+0x153/0x700
[ 14.235262] ? __switch_to+0x47/0xf50
[ 14.235286] ? __schedule+0x10cc/0x2b60
[ 14.235308] ? __pfx_read_tsc+0x10/0x10
[ 14.235328] ? ktime_get_ts64+0x86/0x230
[ 14.235402] kunit_try_run_case+0x1a5/0x480
[ 14.235430] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.235452] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.235487] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.235510] ? __kthread_parkme+0x82/0x180
[ 14.235530] ? preempt_count_sub+0x50/0x80
[ 14.235553] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.235576] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.235608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.235631] kthread+0x337/0x6f0
[ 14.235650] ? trace_preempt_on+0x20/0xc0
[ 14.235683] ? __pfx_kthread+0x10/0x10
[ 14.235702] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.235724] ? calculate_sigpending+0x7b/0xa0
[ 14.235747] ? __pfx_kthread+0x10/0x10
[ 14.235768] ret_from_fork+0x116/0x1d0
[ 14.235794] ? __pfx_kthread+0x10/0x10
[ 14.235814] ret_from_fork_asm+0x1a/0x30
[ 14.235844] </TASK>
[ 14.235866]
[ 14.244458] Allocated by task 276:
[ 14.244685] kasan_save_stack+0x45/0x70
[ 14.244920] kasan_save_track+0x18/0x40
[ 14.245118] kasan_save_alloc_info+0x3b/0x50
[ 14.245341] __kasan_kmalloc+0xb7/0xc0
[ 14.245550] __kmalloc_cache_noprof+0x189/0x420
[ 14.245851] kasan_strings+0xc0/0xe80
[ 14.246042] kunit_try_run_case+0x1a5/0x480
[ 14.246239] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.246674] kthread+0x337/0x6f0
[ 14.246901] ret_from_fork+0x116/0x1d0
[ 14.247049] ret_from_fork_asm+0x1a/0x30
[ 14.247197]
[ 14.247268] Freed by task 276:
[ 14.247410] kasan_save_stack+0x45/0x70
[ 14.247617] kasan_save_track+0x18/0x40
[ 14.247808] kasan_save_free_info+0x3f/0x60
[ 14.248495] __kasan_slab_free+0x56/0x70
[ 14.248753] kfree+0x222/0x3f0
[ 14.248932] kasan_strings+0x2aa/0xe80
[ 14.249123] kunit_try_run_case+0x1a5/0x480
[ 14.249287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.250953] kthread+0x337/0x6f0
[ 14.251156] ret_from_fork+0x116/0x1d0
[ 14.251344] ret_from_fork_asm+0x1a/0x30
[ 14.251531]
[ 14.251839] The buggy address belongs to the object at ffff888102746ac0
[ 14.251839] which belongs to the cache kmalloc-32 of size 32
[ 14.252645] The buggy address is located 16 bytes inside of
[ 14.252645] freed 32-byte region [ffff888102746ac0, ffff888102746ae0)
[ 14.253138]
[ 14.253213] The buggy address belongs to the physical page:
[ 14.253504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102746
[ 14.254138] flags: 0x200000000000000(node=0|zone=2)
[ 14.254305] page_type: f5(slab)
[ 14.254624] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.255133] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.255366] page dumped because: kasan: bad access detected
[ 14.255561]
[ 14.255656] Memory state around the buggy address:
[ 14.255880] ffff888102746980: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 14.256459] ffff888102746a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.256855] >ffff888102746a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.257125] ^
[ 14.257479] ffff888102746b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.257809] ffff888102746b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.258129] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.209769] ==================================================================
[ 14.210809] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 14.211142] Read of size 1 at addr ffff888102746ad0 by task kunit_try_catch/276
[ 14.211443]
[ 14.211645] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.211693] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.211706] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.211727] Call Trace:
[ 14.211738] <TASK>
[ 14.211753] dump_stack_lvl+0x73/0xb0
[ 14.211792] print_report+0xd1/0x610
[ 14.211816] ? __virt_addr_valid+0x1db/0x2d0
[ 14.211839] ? strcmp+0xb0/0xc0
[ 14.211868] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.211890] ? strcmp+0xb0/0xc0
[ 14.211916] kasan_report+0x141/0x180
[ 14.211938] ? strcmp+0xb0/0xc0
[ 14.211959] __asan_report_load1_noabort+0x18/0x20
[ 14.211994] strcmp+0xb0/0xc0
[ 14.212012] kasan_strings+0x431/0xe80
[ 14.212032] ? trace_hardirqs_on+0x37/0xe0
[ 14.212065] ? __pfx_kasan_strings+0x10/0x10
[ 14.212085] ? finish_task_switch.isra.0+0x153/0x700
[ 14.212106] ? __switch_to+0x47/0xf50
[ 14.212131] ? __schedule+0x10cc/0x2b60
[ 14.212156] ? __pfx_read_tsc+0x10/0x10
[ 14.212176] ? ktime_get_ts64+0x86/0x230
[ 14.212199] kunit_try_run_case+0x1a5/0x480
[ 14.212223] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.212246] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.212268] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.212291] ? __kthread_parkme+0x82/0x180
[ 14.212312] ? preempt_count_sub+0x50/0x80
[ 14.212334] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.212449] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.212475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.212498] kthread+0x337/0x6f0
[ 14.212517] ? trace_preempt_on+0x20/0xc0
[ 14.212539] ? __pfx_kthread+0x10/0x10
[ 14.212560] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.212669] ? calculate_sigpending+0x7b/0xa0
[ 14.212698] ? __pfx_kthread+0x10/0x10
[ 14.212720] ret_from_fork+0x116/0x1d0
[ 14.212739] ? __pfx_kthread+0x10/0x10
[ 14.212759] ret_from_fork_asm+0x1a/0x30
[ 14.212788] </TASK>
[ 14.212798]
[ 14.221002] Allocated by task 276:
[ 14.221142] kasan_save_stack+0x45/0x70
[ 14.221459] kasan_save_track+0x18/0x40
[ 14.221684] kasan_save_alloc_info+0x3b/0x50
[ 14.221938] __kasan_kmalloc+0xb7/0xc0
[ 14.222156] __kmalloc_cache_noprof+0x189/0x420
[ 14.222470] kasan_strings+0xc0/0xe80
[ 14.222638] kunit_try_run_case+0x1a5/0x480
[ 14.223003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.223242] kthread+0x337/0x6f0
[ 14.223527] ret_from_fork+0x116/0x1d0
[ 14.223851] ret_from_fork_asm+0x1a/0x30
[ 14.224043]
[ 14.224163] Freed by task 276:
[ 14.224305] kasan_save_stack+0x45/0x70
[ 14.224621] kasan_save_track+0x18/0x40
[ 14.224846] kasan_save_free_info+0x3f/0x60
[ 14.225073] __kasan_slab_free+0x56/0x70
[ 14.225260] kfree+0x222/0x3f0
[ 14.225640] kasan_strings+0x2aa/0xe80
[ 14.225817] kunit_try_run_case+0x1a5/0x480
[ 14.225976] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.226153] kthread+0x337/0x6f0
[ 14.226274] ret_from_fork+0x116/0x1d0
[ 14.226425] ret_from_fork_asm+0x1a/0x30
[ 14.226619]
[ 14.226714] The buggy address belongs to the object at ffff888102746ac0
[ 14.226714] which belongs to the cache kmalloc-32 of size 32
[ 14.227560] The buggy address is located 16 bytes inside of
[ 14.227560] freed 32-byte region [ffff888102746ac0, ffff888102746ae0)
[ 14.228076]
[ 14.228175] The buggy address belongs to the physical page:
[ 14.228512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102746
[ 14.228848] flags: 0x200000000000000(node=0|zone=2)
[ 14.229090] page_type: f5(slab)
[ 14.229215] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.229687] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.230125] page dumped because: kasan: bad access detected
[ 14.230531]
[ 14.230633] Memory state around the buggy address:
[ 14.231056] ffff888102746980: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc
[ 14.231307] ffff888102746a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.231546] >ffff888102746a80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.231887] ^
[ 14.232159] ffff888102746b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.232437] ffff888102746b80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.232847] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.180709] ================================================================== [ 14.181218] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.181464] Read of size 1 at addr ffff888102746a58 by task kunit_try_catch/274 [ 14.181915] [ 14.182019] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.182063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.182076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.182096] Call Trace: [ 14.182108] <TASK> [ 14.182124] dump_stack_lvl+0x73/0xb0 [ 14.182164] print_report+0xd1/0x610 [ 14.182187] ? __virt_addr_valid+0x1db/0x2d0 [ 14.182222] ? memcmp+0x1b4/0x1d0 [ 14.182239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.182260] ? memcmp+0x1b4/0x1d0 [ 14.182277] kasan_report+0x141/0x180 [ 14.182299] ? memcmp+0x1b4/0x1d0 [ 14.182321] __asan_report_load1_noabort+0x18/0x20 [ 14.182357] memcmp+0x1b4/0x1d0 [ 14.182376] kasan_memcmp+0x18f/0x390 [ 14.182397] ? finish_task_switch.isra.0+0x156/0x700 [ 14.182421] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.182441] ? finish_task_switch.isra.0+0x153/0x700 [ 14.182461] ? __switch_to+0x47/0xf50 [ 14.182489] ? __pfx_read_tsc+0x10/0x10 [ 14.182509] ? ktime_get_ts64+0x86/0x230 [ 14.182533] kunit_try_run_case+0x1a5/0x480 [ 14.182557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.182602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.182634] ? __kthread_parkme+0x82/0x180 [ 14.182653] ? preempt_count_sub+0x50/0x80 [ 14.182675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.182719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.182742] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.182773] kthread+0x337/0x6f0 [ 14.182792] ? trace_preempt_on+0x20/0xc0 [ 14.182815] ? __pfx_kthread+0x10/0x10 [ 14.182845] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.182865] ? calculate_sigpending+0x7b/0xa0 [ 14.182888] ? 
__pfx_kthread+0x10/0x10 [ 14.182917] ret_from_fork+0x116/0x1d0 [ 14.182936] ? __pfx_kthread+0x10/0x10 [ 14.182956] ret_from_fork_asm+0x1a/0x30 [ 14.182985] </TASK> [ 14.182995] [ 14.194177] Allocated by task 274: [ 14.194363] kasan_save_stack+0x45/0x70 [ 14.194694] kasan_save_track+0x18/0x40 [ 14.194869] kasan_save_alloc_info+0x3b/0x50 [ 14.195095] __kasan_kmalloc+0xb7/0xc0 [ 14.195286] __kmalloc_cache_noprof+0x189/0x420 [ 14.195444] kasan_memcmp+0xb7/0x390 [ 14.195690] kunit_try_run_case+0x1a5/0x480 [ 14.195902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.196090] kthread+0x337/0x6f0 [ 14.196511] ret_from_fork+0x116/0x1d0 [ 14.196845] ret_from_fork_asm+0x1a/0x30 [ 14.197081] [ 14.197178] The buggy address belongs to the object at ffff888102746a40 [ 14.197178] which belongs to the cache kmalloc-32 of size 32 [ 14.197655] The buggy address is located 0 bytes to the right of [ 14.197655] allocated 24-byte region [ffff888102746a40, ffff888102746a58) [ 14.198383] [ 14.198533] The buggy address belongs to the physical page: [ 14.198787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102746 [ 14.199142] flags: 0x200000000000000(node=0|zone=2) [ 14.199378] page_type: f5(slab) [ 14.199636] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.199938] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.200204] page dumped because: kasan: bad access detected [ 14.200475] [ 14.200570] Memory state around the buggy address: [ 14.200809] ffff888102746900: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.201032] ffff888102746980: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 14.201349] >ffff888102746a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.201972] ^ [ 14.202220] ffff888102746a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.202670] ffff888102746b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.203000] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.147630] ================================================================== [ 14.148735] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 14.149062] Read of size 1 at addr ffff888103a6fc4a by task kunit_try_catch/270 [ 14.149289] [ 14.149381] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.149423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.149434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.149455] Call Trace: [ 14.149466] <TASK> [ 14.149481] dump_stack_lvl+0x73/0xb0 [ 14.149508] print_report+0xd1/0x610 [ 14.149529] ? __virt_addr_valid+0x1db/0x2d0 [ 14.149550] ? kasan_alloca_oob_right+0x329/0x390 [ 14.149572] ? kasan_addr_to_slab+0x11/0xa0 [ 14.149591] ? kasan_alloca_oob_right+0x329/0x390 [ 14.149613] kasan_report+0x141/0x180 [ 14.149634] ? kasan_alloca_oob_right+0x329/0x390 [ 14.149660] __asan_report_load1_noabort+0x18/0x20 [ 14.149684] kasan_alloca_oob_right+0x329/0x390 [ 14.149705] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.149726] ? finish_task_switch.isra.0+0x153/0x700 [ 14.149747] ? rt_mutex_adjust_prio_chain+0x195e/0x20e0 [ 14.149768] ? trace_hardirqs_on+0x37/0xe0 [ 14.149792] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.149817] ? __schedule+0x10cc/0x2b60 [ 14.149838] ? __pfx_read_tsc+0x10/0x10 [ 14.149857] ? ktime_get_ts64+0x86/0x230 [ 14.149880] kunit_try_run_case+0x1a5/0x480 [ 14.149903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.149937] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.149960] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.149982] ? __kthread_parkme+0x82/0x180 [ 14.150002] ? preempt_count_sub+0x50/0x80 [ 14.150023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.150046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.150069] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.150091] kthread+0x337/0x6f0 [ 14.150110] ? trace_preempt_on+0x20/0xc0 [ 14.150131] ? __pfx_kthread+0x10/0x10 [ 14.150150] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.150205] ? calculate_sigpending+0x7b/0xa0 [ 14.150230] ? __pfx_kthread+0x10/0x10 [ 14.150263] ret_from_fork+0x116/0x1d0 [ 14.150282] ? __pfx_kthread+0x10/0x10 [ 14.150302] ret_from_fork_asm+0x1a/0x30 [ 14.150338] </TASK> [ 14.150348] [ 14.167094] The buggy address belongs to stack of task kunit_try_catch/270 [ 14.167531] [ 14.167729] The buggy address belongs to the physical page: [ 14.168198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6f [ 14.168607] flags: 0x200000000000000(node=0|zone=2) [ 14.169111] raw: 0200000000000000 ffffea00040e9bc8 ffffea00040e9bc8 0000000000000000 [ 14.169898] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.170405] page dumped because: kasan: bad access detected [ 14.171032] [ 14.171109] Memory state around the buggy address: [ 14.171265] ffff888103a6fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.171670] ffff888103a6fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.172526] >ffff888103a6fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.173431] ^ [ 14.173943] ffff888103a6fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.174165] ffff888103a6fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.174389] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.124431] ================================================================== [ 14.125008] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 14.125320] Read of size 1 at addr ffff888103b5fc3f by task kunit_try_catch/268 [ 14.125608] [ 14.125714] CPU: 1 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.125757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.125768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.125790] Call Trace: [ 14.125803] <TASK> [ 14.125817] dump_stack_lvl+0x73/0xb0 [ 14.125845] print_report+0xd1/0x610 [ 14.125866] ? __virt_addr_valid+0x1db/0x2d0 [ 14.125889] ? kasan_alloca_oob_left+0x320/0x380 [ 14.125924] ? kasan_addr_to_slab+0x11/0xa0 [ 14.125944] ? kasan_alloca_oob_left+0x320/0x380 [ 14.125965] kasan_report+0x141/0x180 [ 14.125986] ? kasan_alloca_oob_left+0x320/0x380 [ 14.126012] __asan_report_load1_noabort+0x18/0x20 [ 14.126035] kasan_alloca_oob_left+0x320/0x380 [ 14.126059] ? finish_task_switch.isra.0+0x153/0x700 [ 14.126081] ? rt_mutex_adjust_prio_chain+0x195e/0x20e0 [ 14.126103] ? trace_hardirqs_on+0x37/0xe0 [ 14.126128] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.126152] ? __schedule+0x10cc/0x2b60 [ 14.126173] ? __pfx_read_tsc+0x10/0x10 [ 14.126193] ? ktime_get_ts64+0x86/0x230 [ 14.126216] kunit_try_run_case+0x1a5/0x480 [ 14.126239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.126262] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.126284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.126306] ? __kthread_parkme+0x82/0x180 [ 14.126326] ? preempt_count_sub+0x50/0x80 [ 14.126348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.126371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.126393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.126416] kthread+0x337/0x6f0 [ 14.126434] ? trace_preempt_on+0x20/0xc0 [ 14.126455] ? __pfx_kthread+0x10/0x10 [ 14.126474] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.126495] ? 
calculate_sigpending+0x7b/0xa0 [ 14.126518] ? __pfx_kthread+0x10/0x10 [ 14.126538] ret_from_fork+0x116/0x1d0 [ 14.126556] ? __pfx_kthread+0x10/0x10 [ 14.126576] ret_from_fork_asm+0x1a/0x30 [ 14.126606] </TASK> [ 14.126616] [ 14.139091] The buggy address belongs to stack of task kunit_try_catch/268 [ 14.139777] [ 14.139897] The buggy address belongs to the physical page: [ 14.140135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b5f [ 14.141078] flags: 0x200000000000000(node=0|zone=2) [ 14.141475] raw: 0200000000000000 ffffea00040ed7c8 ffffea00040ed7c8 0000000000000000 [ 14.142132] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.142616] page dumped because: kasan: bad access detected [ 14.143023] [ 14.143102] Memory state around the buggy address: [ 14.143499] ffff888103b5fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.143823] ffff888103b5fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.144127] >ffff888103b5fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.144371] ^ [ 14.144566] ffff888103b5fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.144892] ffff888103b5fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.145176] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.073621] ================================================================== [ 14.074627] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 14.075679] Read of size 1 at addr ffffffff97063e8d by task kunit_try_catch/262 [ 14.076325] [ 14.076589] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.076637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.076649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.076669] Call Trace: [ 14.076684] <TASK> [ 14.076698] dump_stack_lvl+0x73/0xb0 [ 14.076728] print_report+0xd1/0x610 [ 14.076749] ? __virt_addr_valid+0x1db/0x2d0 [ 14.076771] ? kasan_global_oob_right+0x286/0x2d0 [ 14.076791] ? kasan_addr_to_slab+0x11/0xa0 [ 14.076810] ? kasan_global_oob_right+0x286/0x2d0 [ 14.076831] kasan_report+0x141/0x180 [ 14.076852] ? kasan_global_oob_right+0x286/0x2d0 [ 14.076877] __asan_report_load1_noabort+0x18/0x20 [ 14.076901] kasan_global_oob_right+0x286/0x2d0 [ 14.076935] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.076959] ? __schedule+0x10cc/0x2b60 [ 14.076980] ? __pfx_read_tsc+0x10/0x10 [ 14.077000] ? ktime_get_ts64+0x86/0x230 [ 14.077023] kunit_try_run_case+0x1a5/0x480 [ 14.077047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.077090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.077112] ? __kthread_parkme+0x82/0x180 [ 14.077132] ? preempt_count_sub+0x50/0x80 [ 14.077154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.077200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.077223] kthread+0x337/0x6f0 [ 14.077241] ? trace_preempt_on+0x20/0xc0 [ 14.077264] ? __pfx_kthread+0x10/0x10 [ 14.077283] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.077303] ? calculate_sigpending+0x7b/0xa0 [ 14.077326] ? __pfx_kthread+0x10/0x10 [ 14.077452] ret_from_fork+0x116/0x1d0 [ 14.077474] ? 
__pfx_kthread+0x10/0x10 [ 14.077494] ret_from_fork_asm+0x1a/0x30 [ 14.077537] </TASK> [ 14.077547] [ 14.092471] The buggy address belongs to the variable: [ 14.092802] global_array+0xd/0x40 [ 14.092974] [ 14.093098] The buggy address belongs to the physical page: [ 14.093399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51e63 [ 14.093648] flags: 0x100000000002000(reserved|node=0|zone=1) [ 14.093935] raw: 0100000000002000 ffffea00014798c8 ffffea00014798c8 0000000000000000 [ 14.094285] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.094713] page dumped because: kasan: bad access detected [ 14.094979] [ 14.095074] Memory state around the buggy address: [ 14.095266] ffffffff97063d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.095693] ffffffff97063e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.096061] >ffffffff97063e80: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.096297] ^ [ 14.096553] ffffffff97063f00: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.096856] ffffffff97063f80: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.097102] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.017001] ================================================================== [ 14.017505] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.018006] Free of addr ffff888102ad4b01 by task kunit_try_catch/258 [ 14.018253] [ 14.018377] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.018420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.018431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.018452] Call Trace: [ 14.018464] <TASK> [ 14.018476] dump_stack_lvl+0x73/0xb0 [ 14.018503] print_report+0xd1/0x610 [ 14.018524] ? __virt_addr_valid+0x1db/0x2d0 [ 14.018547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.018567] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.018592] kasan_report_invalid_free+0x10a/0x130 [ 14.018616] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.018642] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.018666] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.018690] check_slab_allocation+0x11f/0x130 [ 14.018711] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.018734] mempool_free+0x2ec/0x380 [ 14.018760] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.018784] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.018808] ? update_curr+0x5c1/0x810 [ 14.018835] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.018858] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.018880] ? schedule+0x7c/0x2e0 [ 14.018902] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.018934] ? __pfx_mempool_kfree+0x10/0x10 [ 14.018958] ? __pfx_read_tsc+0x10/0x10 [ 14.018979] ? ktime_get_ts64+0x86/0x230 [ 14.019002] kunit_try_run_case+0x1a5/0x480 [ 14.019025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.019047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.019073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.019095] ? __kthread_parkme+0x82/0x180 [ 14.019114] ? preempt_count_sub+0x50/0x80 [ 14.019136] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.019160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.019194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.019217] kthread+0x337/0x6f0 [ 14.019236] ? trace_preempt_on+0x20/0xc0 [ 14.019257] ? __pfx_kthread+0x10/0x10 [ 14.019277] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.019298] ? calculate_sigpending+0x7b/0xa0 [ 14.019320] ? __pfx_kthread+0x10/0x10 [ 14.019341] ret_from_fork+0x116/0x1d0 [ 14.019367] ? __pfx_kthread+0x10/0x10 [ 14.019387] ret_from_fork_asm+0x1a/0x30 [ 14.019417] </TASK> [ 14.019428] [ 14.029037] Allocated by task 258: [ 14.029204] kasan_save_stack+0x45/0x70 [ 14.029359] kasan_save_track+0x18/0x40 [ 14.029566] kasan_save_alloc_info+0x3b/0x50 [ 14.029777] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.030056] remove_element+0x11e/0x190 [ 14.030227] mempool_alloc_preallocated+0x4d/0x90 [ 14.030383] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 14.030644] mempool_kmalloc_invalid_free+0xed/0x140 [ 14.030938] kunit_try_run_case+0x1a5/0x480 [ 14.031231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.031407] kthread+0x337/0x6f0 [ 14.031528] ret_from_fork+0x116/0x1d0 [ 14.031659] ret_from_fork_asm+0x1a/0x30 [ 14.031797] [ 14.031866] The buggy address belongs to the object at ffff888102ad4b00 [ 14.031866] which belongs to the cache kmalloc-128 of size 128 [ 14.032416] The buggy address is located 1 bytes inside of [ 14.032416] 128-byte region [ffff888102ad4b00, ffff888102ad4b80) [ 14.033089] [ 14.033164] The buggy address belongs to the physical page: [ 14.033338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 14.033786] flags: 0x200000000000000(node=0|zone=2) [ 14.034030] page_type: f5(slab) [ 14.034197] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.034575] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.035011] page dumped because: kasan: bad access detected [ 14.035190] [ 14.035260] Memory state around 
the buggy address: [ 14.035423] ffff888102ad4a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.035776] ffff888102ad4a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.036110] >ffff888102ad4b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.036420] ^ [ 14.036580] ffff888102ad4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.036986] ffff888102ad4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.037664] ================================================================== [ 14.045621] ================================================================== [ 14.046713] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.048047] Free of addr ffff888102b8c001 by task kunit_try_catch/260 [ 14.048544] [ 14.048896] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.048954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.048967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.048988] Call Trace: [ 14.049001] <TASK> [ 14.049015] dump_stack_lvl+0x73/0xb0 [ 14.049045] print_report+0xd1/0x610 [ 14.049066] ? __virt_addr_valid+0x1db/0x2d0 [ 14.049088] ? kasan_addr_to_slab+0x11/0xa0 [ 14.049108] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.049133] kasan_report_invalid_free+0x10a/0x130 [ 14.049156] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.049183] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.049206] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.049229] mempool_free+0x2ec/0x380 [ 14.049255] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 14.049279] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.049306] ? __pfx_sched_clock_cpu+0x10/0x10 [ 14.049326] ? finish_task_switch.isra.0+0x153/0x700 [ 14.049489] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 14.049521] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.049548] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.049571] ? 
__pfx_mempool_kfree+0x10/0x10 [ 14.049647] ? __pfx_read_tsc+0x10/0x10 [ 14.049670] ? ktime_get_ts64+0x86/0x230 [ 14.049695] kunit_try_run_case+0x1a5/0x480 [ 14.049754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049776] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.049798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.049821] ? __kthread_parkme+0x82/0x180 [ 14.049841] ? preempt_count_sub+0x50/0x80 [ 14.049863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.049918] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.049941] kthread+0x337/0x6f0 [ 14.049959] ? trace_preempt_on+0x20/0xc0 [ 14.049981] ? __pfx_kthread+0x10/0x10 [ 14.050000] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.050020] ? calculate_sigpending+0x7b/0xa0 [ 14.050042] ? __pfx_kthread+0x10/0x10 [ 14.050063] ret_from_fork+0x116/0x1d0 [ 14.050080] ? __pfx_kthread+0x10/0x10 [ 14.050100] ret_from_fork_asm+0x1a/0x30 [ 14.050129] </TASK> [ 14.050140] [ 14.063996] The buggy address belongs to the physical page: [ 14.064219] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b8c [ 14.064589] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.064993] flags: 0x200000000000040(head|node=0|zone=2) [ 14.065273] page_type: f8(unknown) [ 14.065552] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.065848] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.066225] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.066638] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 14.066994] head: 0200000000000002 ffffea00040ae301 00000000ffffffff 00000000ffffffff [ 14.067545] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 14.067919] page dumped because: kasan: bad access detected [ 14.068132] [ 14.068252] Memory state around the buggy address: [ 14.068578] ffff888102b8bf00: ff ff ff ff ff ff ff ff ff 
ff ff ff ff ff ff ff [ 14.068884] ffff888102b8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.069230] >ffff888102b8c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.069614] ^ [ 14.069798] ffff888102b8c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.070105] ffff888102b8c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.070428] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.974667] ================================================================== [ 13.975169] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.975462] Free of addr ffff888102b8c000 by task kunit_try_catch/254 [ 13.975768] [ 13.975886] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.975943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.975954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.975976] Call Trace: [ 13.975988] <TASK> [ 13.976003] dump_stack_lvl+0x73/0xb0 [ 13.976033] print_report+0xd1/0x610 [ 13.976054] ? __virt_addr_valid+0x1db/0x2d0 [ 13.976078] ? kasan_addr_to_slab+0x11/0xa0 [ 13.976097] ? mempool_double_free_helper+0x184/0x370 [ 13.976121] kasan_report_invalid_free+0x10a/0x130 [ 13.976144] ? mempool_double_free_helper+0x184/0x370 [ 13.976170] ? mempool_double_free_helper+0x184/0x370 [ 13.976191] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.976214] mempool_free+0x2ec/0x380 [ 13.976241] mempool_double_free_helper+0x184/0x370 [ 13.976265] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.976287] ? update_load_avg+0x1be/0x21b0 [ 13.976310] ? dequeue_entities+0x27e/0x1740 [ 13.976335] ? finish_task_switch.isra.0+0x153/0x700 [ 13.976359] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.976383] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.976409] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.976432] ? __pfx_mempool_kfree+0x10/0x10 [ 13.976456] ? __pfx_read_tsc+0x10/0x10 [ 13.976476] ? ktime_get_ts64+0x86/0x230 [ 13.976499] kunit_try_run_case+0x1a5/0x480 [ 13.976524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.976545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.976569] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.976591] ? __kthread_parkme+0x82/0x180 [ 13.976611] ? preempt_count_sub+0x50/0x80 [ 13.976633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.976656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.976678] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.976701] kthread+0x337/0x6f0 [ 13.976719] ? recalc_sigpending+0x168/0x1f0 [ 13.976743] ? __pfx_kthread+0x10/0x10 [ 13.976950] ? calculate_sigpending+0x7b/0xa0 [ 13.976973] ? __pfx_kthread+0x10/0x10 [ 13.976995] ret_from_fork+0x116/0x1d0 [ 13.977014] ? __pfx_kthread+0x10/0x10 [ 13.977033] ret_from_fork_asm+0x1a/0x30 [ 13.977064] </TASK> [ 13.977075] [ 13.985872] The buggy address belongs to the physical page: [ 13.986147] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b8c [ 13.986448] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.986692] flags: 0x200000000000040(head|node=0|zone=2) [ 13.986967] page_type: f8(unknown) [ 13.987154] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.987492] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.987745] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.987986] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.988227] head: 0200000000000002 ffffea00040ae301 00000000ffffffff 00000000ffffffff [ 13.988568] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.989057] page dumped because: kasan: bad access detected [ 13.989331] [ 13.989477] Memory state around the buggy address: [ 13.989705] ffff888102b8bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.989976] ffff888102b8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.990296] >ffff888102b8c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.990623] ^ [ 13.990826] ffff888102b8c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.991057] ffff888102b8c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.991274] ================================================================== [ 13.936536] ================================================================== [ 13.937110] BUG: KASAN: double-free in 
mempool_double_free_helper+0x184/0x370 [ 13.937397] Free of addr ffff888102747100 by task kunit_try_catch/252 [ 13.937706] [ 13.937802] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.937845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.937856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.937878] Call Trace: [ 13.937889] <TASK> [ 13.937915] dump_stack_lvl+0x73/0xb0 [ 13.937943] print_report+0xd1/0x610 [ 13.937964] ? __virt_addr_valid+0x1db/0x2d0 [ 13.937987] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.938007] ? mempool_double_free_helper+0x184/0x370 [ 13.938031] kasan_report_invalid_free+0x10a/0x130 [ 13.938055] ? mempool_double_free_helper+0x184/0x370 [ 13.938147] ? mempool_double_free_helper+0x184/0x370 [ 13.938183] ? mempool_double_free_helper+0x184/0x370 [ 13.938205] check_slab_allocation+0x101/0x130 [ 13.938225] __kasan_mempool_poison_object+0x91/0x1d0 [ 13.938249] mempool_free+0x2ec/0x380 [ 13.938275] mempool_double_free_helper+0x184/0x370 [ 13.938298] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.938320] ? update_load_avg+0x1be/0x21b0 [ 13.938342] ? update_load_avg+0x1be/0x21b0 [ 13.938363] ? update_curr+0x80/0x810 [ 13.938385] ? finish_task_switch.isra.0+0x153/0x700 [ 13.938409] mempool_kmalloc_double_free+0xed/0x140 [ 13.938432] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 13.938458] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.938479] ? __pfx_mempool_kfree+0x10/0x10 [ 13.938503] ? __pfx_read_tsc+0x10/0x10 [ 13.938523] ? ktime_get_ts64+0x86/0x230 [ 13.938558] kunit_try_run_case+0x1a5/0x480 [ 13.938581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.938602] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.938625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.938647] ? __kthread_parkme+0x82/0x180 [ 13.938666] ? preempt_count_sub+0x50/0x80 [ 13.938687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.938710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.938745] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.938768] kthread+0x337/0x6f0 [ 13.938787] ? trace_preempt_on+0x20/0xc0 [ 13.938809] ? __pfx_kthread+0x10/0x10 [ 13.938829] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.938850] ? calculate_sigpending+0x7b/0xa0 [ 13.938872] ? __pfx_kthread+0x10/0x10 [ 13.938892] ret_from_fork+0x116/0x1d0 [ 13.938920] ? __pfx_kthread+0x10/0x10 [ 13.938939] ret_from_fork_asm+0x1a/0x30 [ 13.938968] </TASK> [ 13.938978] [ 13.951797] Allocated by task 252: [ 13.952655] kasan_save_stack+0x45/0x70 [ 13.953395] kasan_save_track+0x18/0x40 [ 13.954131] kasan_save_alloc_info+0x3b/0x50 [ 13.954879] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.955554] remove_element+0x11e/0x190 [ 13.956238] mempool_alloc_preallocated+0x4d/0x90 [ 13.957090] mempool_double_free_helper+0x8a/0x370 [ 13.957822] mempool_kmalloc_double_free+0xed/0x140 [ 13.958825] kunit_try_run_case+0x1a5/0x480 [ 13.959295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.960202] kthread+0x337/0x6f0 [ 13.960809] ret_from_fork+0x116/0x1d0 [ 13.961199] ret_from_fork_asm+0x1a/0x30 [ 13.961426] [ 13.961527] Freed by task 252: [ 13.961686] kasan_save_stack+0x45/0x70 [ 13.961888] kasan_save_track+0x18/0x40 [ 13.962093] kasan_save_free_info+0x3f/0x60 [ 13.962302] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.962545] mempool_free+0x2ec/0x380 [ 13.962738] mempool_double_free_helper+0x109/0x370 [ 13.963213] mempool_kmalloc_double_free+0xed/0x140 [ 13.963529] kunit_try_run_case+0x1a5/0x480 [ 13.963770] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.964010] kthread+0x337/0x6f0 [ 13.964183] ret_from_fork+0x116/0x1d0 [ 13.964439] ret_from_fork_asm+0x1a/0x30 [ 13.964594] [ 13.964685] The buggy address belongs to the object at ffff888102747100 [ 13.964685] which belongs to the cache kmalloc-128 of size 128 [ 13.965242] The buggy address is located 0 bytes inside of [ 13.965242] 128-byte region [ffff888102747100, ffff888102747180) [ 13.965813] [ 13.965925] The buggy address belongs to the physical 
page: [ 13.966210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102747 [ 13.966791] flags: 0x200000000000000(node=0|zone=2) [ 13.967077] page_type: f5(slab) [ 13.967251] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.967672] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.968040] page dumped because: kasan: bad access detected [ 13.968240] [ 13.968419] Memory state around the buggy address: [ 13.968636] ffff888102747000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.969004] ffff888102747080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.969302] >ffff888102747100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.969713] ^ [ 13.969892] ffff888102747180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.970217] ffff888102747200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.970716] ================================================================== [ 13.996583] ================================================================== [ 13.997318] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 13.997684] Free of addr ffff888102b8c000 by task kunit_try_catch/256 [ 13.997973] [ 13.998058] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.998100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.998111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.998131] Call Trace: [ 13.998141] <TASK> [ 13.998155] dump_stack_lvl+0x73/0xb0 [ 13.998181] print_report+0xd1/0x610 [ 13.998201] ? __virt_addr_valid+0x1db/0x2d0 [ 13.998225] ? kasan_addr_to_slab+0x11/0xa0 [ 13.998244] ? mempool_double_free_helper+0x184/0x370 [ 13.998267] kasan_report_invalid_free+0x10a/0x130 [ 13.998290] ? mempool_double_free_helper+0x184/0x370 [ 13.998315] ? 
mempool_double_free_helper+0x184/0x370 [ 13.998337] __kasan_mempool_poison_pages+0x115/0x130 [ 13.998361] mempool_free+0x290/0x380 [ 13.998387] mempool_double_free_helper+0x184/0x370 [ 13.998410] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.998434] ? __kasan_check_write+0x18/0x20 [ 13.998453] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.998473] ? finish_task_switch.isra.0+0x153/0x700 [ 13.998498] mempool_page_alloc_double_free+0xe8/0x140 [ 13.998521] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 13.998549] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.998571] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.998596] ? __pfx_read_tsc+0x10/0x10 [ 13.998616] ? ktime_get_ts64+0x86/0x230 [ 13.998639] kunit_try_run_case+0x1a5/0x480 [ 13.998663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.998684] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.998706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.998729] ? __kthread_parkme+0x82/0x180 [ 13.998749] ? preempt_count_sub+0x50/0x80 [ 13.998771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.998794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.998816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.998839] kthread+0x337/0x6f0 [ 13.998857] ? trace_preempt_on+0x20/0xc0 [ 13.998880] ? __pfx_kthread+0x10/0x10 [ 13.998929] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.998949] ? calculate_sigpending+0x7b/0xa0 [ 13.998972] ? __pfx_kthread+0x10/0x10 [ 13.998992] ret_from_fork+0x116/0x1d0 [ 13.999008] ? 
__pfx_kthread+0x10/0x10 [ 13.999027] ret_from_fork_asm+0x1a/0x30 [ 13.999064] </TASK> [ 13.999074] [ 14.007597] The buggy address belongs to the physical page: [ 14.007871] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b8c [ 14.008179] flags: 0x200000000000000(node=0|zone=2) [ 14.008407] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.008753] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.009060] page dumped because: kasan: bad access detected [ 14.009259] [ 14.009328] Memory state around the buggy address: [ 14.009552] ffff888102b8bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.009926] ffff888102b8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.010141] >ffff888102b8c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.010349] ^ [ 14.010463] ffff888102b8c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.010693] ffff888102b8c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.011012] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.856070] ================================================================== [ 13.856576] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.857041] Read of size 1 at addr ffff888103ac0000 by task kunit_try_catch/246 [ 13.857267] [ 13.857411] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.857458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.857470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.857492] Call Trace: [ 13.857506] <TASK> [ 13.857521] dump_stack_lvl+0x73/0xb0 [ 13.857550] print_report+0xd1/0x610 [ 13.857571] ? __virt_addr_valid+0x1db/0x2d0 [ 13.857592] ? mempool_uaf_helper+0x392/0x400 [ 13.857614] ? kasan_addr_to_slab+0x11/0xa0 [ 13.857633] ? mempool_uaf_helper+0x392/0x400 [ 13.857654] kasan_report+0x141/0x180 [ 13.857676] ? mempool_uaf_helper+0x392/0x400 [ 13.857702] __asan_report_load1_noabort+0x18/0x20 [ 13.857725] mempool_uaf_helper+0x392/0x400 [ 13.857748] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.857768] ? update_load_avg+0x1be/0x21b0 [ 13.857791] ? dequeue_entities+0x27e/0x1740 [ 13.857830] ? finish_task_switch.isra.0+0x153/0x700 [ 13.857855] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.857876] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.857902] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.857936] ? __pfx_mempool_kfree+0x10/0x10 [ 13.857960] ? __pfx_read_tsc+0x10/0x10 [ 13.857980] ? ktime_get_ts64+0x86/0x230 [ 13.858004] kunit_try_run_case+0x1a5/0x480 [ 13.858027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.858048] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.858071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.858092] ? __kthread_parkme+0x82/0x180 [ 13.858112] ? preempt_count_sub+0x50/0x80 [ 13.858133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.858156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.858178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.858200] kthread+0x337/0x6f0 [ 13.858219] ? 
trace_preempt_on+0x20/0xc0 [ 13.858241] ? __pfx_kthread+0x10/0x10 [ 13.858260] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.858281] ? calculate_sigpending+0x7b/0xa0 [ 13.858303] ? __pfx_kthread+0x10/0x10 [ 13.858323] ret_from_fork+0x116/0x1d0 [ 13.858341] ? __pfx_kthread+0x10/0x10 [ 13.858410] ret_from_fork_asm+0x1a/0x30 [ 13.858439] </TASK> [ 13.858449] [ 13.872256] The buggy address belongs to the physical page: [ 13.872504] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac0 [ 13.872867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.873126] flags: 0x200000000000040(head|node=0|zone=2) [ 13.873383] page_type: f8(unknown) [ 13.873552] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.873872] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.874174] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.874478] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.874740] head: 0200000000000002 ffffea00040eb001 00000000ffffffff 00000000ffffffff [ 13.874980] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.875318] page dumped because: kasan: bad access detected [ 13.875787] [ 13.875881] Memory state around the buggy address: [ 13.876050] ffff888103abff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.876421] ffff888103abff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.876810] >ffff888103ac0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.877094] ^ [ 13.877244] ffff888103ac0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.877629] ffff888103ac0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.877954] ================================================================== [ 13.914047] ================================================================== [ 13.914464] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.914865] Read of size 1 
at addr ffff888102b8c000 by task kunit_try_catch/250 [ 13.915319] [ 13.915747] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.915808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.915819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.915841] Call Trace: [ 13.915853] <TASK> [ 13.915868] dump_stack_lvl+0x73/0xb0 [ 13.915900] print_report+0xd1/0x610 [ 13.915934] ? __virt_addr_valid+0x1db/0x2d0 [ 13.915957] ? mempool_uaf_helper+0x392/0x400 [ 13.915978] ? kasan_addr_to_slab+0x11/0xa0 [ 13.915998] ? mempool_uaf_helper+0x392/0x400 [ 13.916021] kasan_report+0x141/0x180 [ 13.916042] ? mempool_uaf_helper+0x392/0x400 [ 13.916070] __asan_report_load1_noabort+0x18/0x20 [ 13.916093] mempool_uaf_helper+0x392/0x400 [ 13.916115] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.916138] ? __kasan_check_write+0x18/0x20 [ 13.916156] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.916178] ? finish_task_switch.isra.0+0x153/0x700 [ 13.916203] mempool_page_alloc_uaf+0xed/0x140 [ 13.916226] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.916251] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.916275] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.916300] ? __pfx_read_tsc+0x10/0x10 [ 13.916320] ? ktime_get_ts64+0x86/0x230 [ 13.916343] kunit_try_run_case+0x1a5/0x480 [ 13.916367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.916388] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.916411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.916434] ? __kthread_parkme+0x82/0x180 [ 13.916453] ? preempt_count_sub+0x50/0x80 [ 13.916474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.916497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.916520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.916542] kthread+0x337/0x6f0 [ 13.916560] ? trace_preempt_on+0x20/0xc0 [ 13.916583] ? __pfx_kthread+0x10/0x10 [ 13.916602] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.916623] ? calculate_sigpending+0x7b/0xa0 [ 13.916646] ? 
__pfx_kthread+0x10/0x10 [ 13.916666] ret_from_fork+0x116/0x1d0 [ 13.916684] ? __pfx_kthread+0x10/0x10 [ 13.916703] ret_from_fork_asm+0x1a/0x30 [ 13.916733] </TASK> [ 13.916743] [ 13.925418] The buggy address belongs to the physical page: [ 13.925693] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b8c [ 13.926037] flags: 0x200000000000000(node=0|zone=2) [ 13.926223] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.926828] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.927131] page dumped because: kasan: bad access detected [ 13.927347] [ 13.927443] Memory state around the buggy address: [ 13.927639] ffff888102b8bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.927963] ffff888102b8bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.928223] >ffff888102b8c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.928503] ^ [ 13.928655] ffff888102b8c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.929035] ffff888102b8c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.929258] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.819949] ================================================================== [ 13.820448] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.820857] Read of size 1 at addr ffff888102ad4700 by task kunit_try_catch/244 [ 13.821709] [ 13.821937] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.822092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.822108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.822131] Call Trace: [ 13.822144] <TASK> [ 13.822160] dump_stack_lvl+0x73/0xb0 [ 13.822192] print_report+0xd1/0x610 [ 13.822214] ? __virt_addr_valid+0x1db/0x2d0 [ 13.822237] ? mempool_uaf_helper+0x392/0x400 [ 13.822258] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.822279] ? mempool_uaf_helper+0x392/0x400 [ 13.822301] kasan_report+0x141/0x180 [ 13.822322] ? mempool_uaf_helper+0x392/0x400 [ 13.822348] __asan_report_load1_noabort+0x18/0x20 [ 13.822383] mempool_uaf_helper+0x392/0x400 [ 13.822406] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.822429] ? __kasan_check_write+0x18/0x20 [ 13.822447] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.822468] ? finish_task_switch.isra.0+0x153/0x700 [ 13.822493] mempool_kmalloc_uaf+0xef/0x140 [ 13.822514] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.822538] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.822560] ? __pfx_mempool_kfree+0x10/0x10 [ 13.822584] ? __pfx_read_tsc+0x10/0x10 [ 13.822604] ? ktime_get_ts64+0x86/0x230 [ 13.822628] kunit_try_run_case+0x1a5/0x480 [ 13.822651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.822696] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.822719] ? __kthread_parkme+0x82/0x180 [ 13.822739] ? preempt_count_sub+0x50/0x80 [ 13.822761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.822805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.822828] kthread+0x337/0x6f0 [ 13.822846] ? 
trace_preempt_on+0x20/0xc0 [ 13.822869] ? __pfx_kthread+0x10/0x10 [ 13.822889] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.822923] ? calculate_sigpending+0x7b/0xa0 [ 13.822947] ? __pfx_kthread+0x10/0x10 [ 13.822967] ret_from_fork+0x116/0x1d0 [ 13.822985] ? __pfx_kthread+0x10/0x10 [ 13.823004] ret_from_fork_asm+0x1a/0x30 [ 13.823034] </TASK> [ 13.823045] [ 13.835519] Allocated by task 244: [ 13.835656] kasan_save_stack+0x45/0x70 [ 13.835807] kasan_save_track+0x18/0x40 [ 13.836056] kasan_save_alloc_info+0x3b/0x50 [ 13.836517] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.836799] remove_element+0x11e/0x190 [ 13.837220] mempool_alloc_preallocated+0x4d/0x90 [ 13.837644] mempool_uaf_helper+0x96/0x400 [ 13.838026] mempool_kmalloc_uaf+0xef/0x140 [ 13.838174] kunit_try_run_case+0x1a5/0x480 [ 13.838320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.838898] kthread+0x337/0x6f0 [ 13.839235] ret_from_fork+0x116/0x1d0 [ 13.839654] ret_from_fork_asm+0x1a/0x30 [ 13.840037] [ 13.840110] Freed by task 244: [ 13.840224] kasan_save_stack+0x45/0x70 [ 13.840630] kasan_save_track+0x18/0x40 [ 13.841048] kasan_save_free_info+0x3f/0x60 [ 13.841511] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.842010] mempool_free+0x2ec/0x380 [ 13.842249] mempool_uaf_helper+0x11a/0x400 [ 13.842566] mempool_kmalloc_uaf+0xef/0x140 [ 13.842839] kunit_try_run_case+0x1a5/0x480 [ 13.843255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.843651] kthread+0x337/0x6f0 [ 13.844007] ret_from_fork+0x116/0x1d0 [ 13.844188] ret_from_fork_asm+0x1a/0x30 [ 13.844589] [ 13.844783] The buggy address belongs to the object at ffff888102ad4700 [ 13.844783] which belongs to the cache kmalloc-128 of size 128 [ 13.845257] The buggy address is located 0 bytes inside of [ 13.845257] freed 128-byte region [ffff888102ad4700, ffff888102ad4780) [ 13.846471] [ 13.846639] The buggy address belongs to the physical page: [ 13.847153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 13.847616] flags: 
0x200000000000000(node=0|zone=2) [ 13.848094] page_type: f5(slab) [ 13.848457] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.848775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.849469] page dumped because: kasan: bad access detected [ 13.849845] [ 13.849991] Memory state around the buggy address: [ 13.850313] ffff888102ad4600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.850943] ffff888102ad4680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.851361] >ffff888102ad4700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.851574] ^ [ 13.851689] ffff888102ad4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.851914] ffff888102ad4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.852193] ================================================================== [ 13.883945] ================================================================== [ 13.884435] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.885018] Read of size 1 at addr ffff888103af1240 by task kunit_try_catch/248 [ 13.885318] [ 13.885533] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.885579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.885591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.885613] Call Trace: [ 13.885626] <TASK> [ 13.885640] dump_stack_lvl+0x73/0xb0 [ 13.885670] print_report+0xd1/0x610 [ 13.885692] ? __virt_addr_valid+0x1db/0x2d0 [ 13.885715] ? mempool_uaf_helper+0x392/0x400 [ 13.885737] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.885758] ? mempool_uaf_helper+0x392/0x400 [ 13.885780] kasan_report+0x141/0x180 [ 13.885801] ? mempool_uaf_helper+0x392/0x400 [ 13.885827] __asan_report_load1_noabort+0x18/0x20 [ 13.885850] mempool_uaf_helper+0x392/0x400 [ 13.885872] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.885901] mempool_slab_uaf+0xea/0x140 [ 13.885937] ? 
__pfx_mempool_slab_uaf+0x10/0x10 [ 13.885959] ? schedule+0x7c/0x2e0 [ 13.885980] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.886005] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.886030] ? __pfx_read_tsc+0x10/0x10 [ 13.886050] ? ktime_get_ts64+0x86/0x230 [ 13.886074] kunit_try_run_case+0x1a5/0x480 [ 13.886098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.886120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.886143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.886165] ? __kthread_parkme+0x82/0x180 [ 13.886185] ? preempt_count_sub+0x50/0x80 [ 13.886208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.886232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.886254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.886277] kthread+0x337/0x6f0 [ 13.886296] ? trace_preempt_on+0x20/0xc0 [ 13.886318] ? __pfx_kthread+0x10/0x10 [ 13.886338] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.886400] ? calculate_sigpending+0x7b/0xa0 [ 13.886424] ? __pfx_kthread+0x10/0x10 [ 13.886445] ret_from_fork+0x116/0x1d0 [ 13.886463] ? 
__pfx_kthread+0x10/0x10 [ 13.886484] ret_from_fork_asm+0x1a/0x30 [ 13.886515] </TASK> [ 13.886525] [ 13.893919] Allocated by task 248: [ 13.894374] kasan_save_stack+0x45/0x70 [ 13.894596] kasan_save_track+0x18/0x40 [ 13.894990] kasan_save_alloc_info+0x3b/0x50 [ 13.895219] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.895667] remove_element+0x11e/0x190 [ 13.895885] mempool_alloc_preallocated+0x4d/0x90 [ 13.896132] mempool_uaf_helper+0x96/0x400 [ 13.896312] mempool_slab_uaf+0xea/0x140 [ 13.896612] kunit_try_run_case+0x1a5/0x480 [ 13.896983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.897185] kthread+0x337/0x6f0 [ 13.897307] ret_from_fork+0x116/0x1d0 [ 13.897438] ret_from_fork_asm+0x1a/0x30 [ 13.897577] [ 13.897647] Freed by task 248: [ 13.897773] kasan_save_stack+0x45/0x70 [ 13.897975] kasan_save_track+0x18/0x40 [ 13.898170] kasan_save_free_info+0x3f/0x60 [ 13.898597] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.898803] mempool_free+0x2ec/0x380 [ 13.898972] mempool_uaf_helper+0x11a/0x400 [ 13.899122] mempool_slab_uaf+0xea/0x140 [ 13.899262] kunit_try_run_case+0x1a5/0x480 [ 13.899408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.900033] kthread+0x337/0x6f0 [ 13.900227] ret_from_fork+0x116/0x1d0 [ 13.900528] ret_from_fork_asm+0x1a/0x30 [ 13.900763] [ 13.900860] The buggy address belongs to the object at ffff888103af1240 [ 13.900860] which belongs to the cache test_cache of size 123 [ 13.901466] The buggy address is located 0 bytes inside of [ 13.901466] freed 123-byte region [ffff888103af1240, ffff888103af12bb) [ 13.902171] [ 13.902247] The buggy address belongs to the physical page: [ 13.902423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af1 [ 13.902781] flags: 0x200000000000000(node=0|zone=2) [ 13.903057] page_type: f5(slab) [ 13.903228] raw: 0200000000000000 ffff8881015acc80 dead000000000122 0000000000000000 [ 13.903568] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.903796] page dumped 
because: kasan: bad access detected [ 13.904051] [ 13.904142] Memory state around the buggy address: [ 13.904409] ffff888103af1100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.904770] ffff888103af1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.905012] >ffff888103af1200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.905232] ^ [ 13.905402] ffff888103af1280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.905719] ffff888103af1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.906240] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.725010] ================================================================== [ 13.725698] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.726193] Read of size 1 at addr ffff88810272bd73 by task kunit_try_catch/238 [ 13.726615] [ 13.726754] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.726804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.726816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.726837] Call Trace: [ 13.726852] <TASK> [ 13.726870] dump_stack_lvl+0x73/0xb0 [ 13.726902] print_report+0xd1/0x610 [ 13.726937] ? __virt_addr_valid+0x1db/0x2d0 [ 13.726962] ? mempool_oob_right_helper+0x318/0x380 [ 13.726984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.727006] ? mempool_oob_right_helper+0x318/0x380 [ 13.727028] kasan_report+0x141/0x180 [ 13.727049] ? mempool_oob_right_helper+0x318/0x380 [ 13.727303] __asan_report_load1_noabort+0x18/0x20 [ 13.727335] mempool_oob_right_helper+0x318/0x380 [ 13.727361] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.727384] ? __kasan_check_write+0x18/0x20 [ 13.727403] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.727425] ? irqentry_exit+0x2a/0x60 [ 13.727446] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.727472] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.727494] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.727519] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.727544] ? __pfx_mempool_kfree+0x10/0x10 [ 13.727568] ? __pfx_read_tsc+0x10/0x10 [ 13.727589] ? ktime_get_ts64+0x86/0x230 [ 13.727613] kunit_try_run_case+0x1a5/0x480 [ 13.727639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.727661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.727700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.727723] ? __kthread_parkme+0x82/0x180 [ 13.727743] ? preempt_count_sub+0x50/0x80 [ 13.727767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.727790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.727812] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.727834] kthread+0x337/0x6f0 [ 13.727853] ? trace_preempt_on+0x20/0xc0 [ 13.727876] ? __pfx_kthread+0x10/0x10 [ 13.727895] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.727926] ? calculate_sigpending+0x7b/0xa0 [ 13.727950] ? __pfx_kthread+0x10/0x10 [ 13.727971] ret_from_fork+0x116/0x1d0 [ 13.727989] ? __pfx_kthread+0x10/0x10 [ 13.728008] ret_from_fork_asm+0x1a/0x30 [ 13.728040] </TASK> [ 13.728051] [ 13.740367] Allocated by task 238: [ 13.740650] kasan_save_stack+0x45/0x70 [ 13.740934] kasan_save_track+0x18/0x40 [ 13.741076] kasan_save_alloc_info+0x3b/0x50 [ 13.741286] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.741501] remove_element+0x11e/0x190 [ 13.741776] mempool_alloc_preallocated+0x4d/0x90 [ 13.742006] mempool_oob_right_helper+0x8a/0x380 [ 13.742181] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.742371] kunit_try_run_case+0x1a5/0x480 [ 13.742649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.742818] kthread+0x337/0x6f0 [ 13.743235] ret_from_fork+0x116/0x1d0 [ 13.743483] ret_from_fork_asm+0x1a/0x30 [ 13.743646] [ 13.743718] The buggy address belongs to the object at ffff88810272bd00 [ 13.743718] which belongs to the cache kmalloc-128 of size 128 [ 13.744485] The buggy address is located 0 bytes to the right of [ 13.744485] allocated 115-byte region [ffff88810272bd00, ffff88810272bd73) [ 13.745152] [ 13.745255] The buggy address belongs to the physical page: [ 13.745594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 13.746003] flags: 0x200000000000000(node=0|zone=2) [ 13.746252] page_type: f5(slab) [ 13.746384] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.746691] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.747086] page dumped because: kasan: bad access detected [ 13.747291] [ 13.747511] Memory state around the buggy address: [ 13.747878] ffff88810272bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.748171] ffff88810272bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.748548] >ffff88810272bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.748921] ^ [ 13.749195] ffff88810272bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.749618] ffff88810272be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.749987] ================================================================== [ 13.782587] ================================================================== [ 13.783658] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.784074] Read of size 1 at addr ffff888103af02bb by task kunit_try_catch/242 [ 13.784518] [ 13.784654] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.784700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.784712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.784733] Call Trace: [ 13.784776] <TASK> [ 13.784818] dump_stack_lvl+0x73/0xb0 [ 13.784848] print_report+0xd1/0x610 [ 13.784895] ? __virt_addr_valid+0x1db/0x2d0 [ 13.784928] ? mempool_oob_right_helper+0x318/0x380 [ 13.784951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.784972] ? mempool_oob_right_helper+0x318/0x380 [ 13.784994] kasan_report+0x141/0x180 [ 13.785015] ? mempool_oob_right_helper+0x318/0x380 [ 13.785044] __asan_report_load1_noabort+0x18/0x20 [ 13.785067] mempool_oob_right_helper+0x318/0x380 [ 13.785089] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.785114] ? __pfx_sched_clock_cpu+0x10/0x10 [ 13.785135] ? finish_task_switch.isra.0+0x153/0x700 [ 13.785161] mempool_slab_oob_right+0xed/0x140 [ 13.785183] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.785208] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.785232] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.785257] ? __pfx_read_tsc+0x10/0x10 [ 13.785277] ? ktime_get_ts64+0x86/0x230 [ 13.785301] kunit_try_run_case+0x1a5/0x480 [ 13.785325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.785388] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.785415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.785437] ? __kthread_parkme+0x82/0x180 [ 13.785457] ? preempt_count_sub+0x50/0x80 [ 13.785479] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.785502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.785524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.785546] kthread+0x337/0x6f0 [ 13.785565] ? trace_preempt_on+0x20/0xc0 [ 13.785586] ? __pfx_kthread+0x10/0x10 [ 13.785606] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.785626] ? calculate_sigpending+0x7b/0xa0 [ 13.785648] ? __pfx_kthread+0x10/0x10 [ 13.785669] ret_from_fork+0x116/0x1d0 [ 13.785700] ? __pfx_kthread+0x10/0x10 [ 13.785719] ret_from_fork_asm+0x1a/0x30 [ 13.785750] </TASK> [ 13.785761] [ 13.798324] Allocated by task 242: [ 13.798514] kasan_save_stack+0x45/0x70 [ 13.799059] kasan_save_track+0x18/0x40 [ 13.799248] kasan_save_alloc_info+0x3b/0x50 [ 13.799596] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.800030] remove_element+0x11e/0x190 [ 13.800189] mempool_alloc_preallocated+0x4d/0x90 [ 13.800637] mempool_oob_right_helper+0x8a/0x380 [ 13.800986] mempool_slab_oob_right+0xed/0x140 [ 13.801219] kunit_try_run_case+0x1a5/0x480 [ 13.801635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.802074] kthread+0x337/0x6f0 [ 13.802340] ret_from_fork+0x116/0x1d0 [ 13.802849] ret_from_fork_asm+0x1a/0x30 [ 13.803144] [ 13.803225] The buggy address belongs to the object at ffff888103af0240 [ 13.803225] which belongs to the cache test_cache of size 123 [ 13.804128] The buggy address is located 0 bytes to the right of [ 13.804128] allocated 123-byte region [ffff888103af0240, ffff888103af02bb) [ 13.804965] [ 13.805050] The buggy address belongs to the physical page: [ 13.805300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103af0 [ 13.805931] flags: 0x200000000000000(node=0|zone=2) [ 13.806267] page_type: f5(slab) [ 13.806653] raw: 0200000000000000 ffff8881015acb40 dead000000000122 0000000000000000 [ 
13.807124] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.807792] page dumped because: kasan: bad access detected [ 13.808055] [ 13.808148] Memory state around the buggy address: [ 13.808633] ffff888103af0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.809064] ffff888103af0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.809608] >ffff888103af0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.810054] ^ [ 13.810424] ffff888103af0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.810875] ffff888103af0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.811291] ================================================================== [ 13.752866] ================================================================== [ 13.753804] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.754229] Read of size 1 at addr ffff888103abe001 by task kunit_try_catch/240 [ 13.754585] [ 13.754700] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.754742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.754753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.754773] Call Trace: [ 13.754784] <TASK> [ 13.754800] dump_stack_lvl+0x73/0xb0 [ 13.754828] print_report+0xd1/0x610 [ 13.754849] ? __virt_addr_valid+0x1db/0x2d0 [ 13.754871] ? mempool_oob_right_helper+0x318/0x380 [ 13.754926] ? kasan_addr_to_slab+0x11/0xa0 [ 13.754947] ? mempool_oob_right_helper+0x318/0x380 [ 13.754969] kasan_report+0x141/0x180 [ 13.754991] ? mempool_oob_right_helper+0x318/0x380 [ 13.755017] __asan_report_load1_noabort+0x18/0x20 [ 13.755041] mempool_oob_right_helper+0x318/0x380 [ 13.755074] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.755096] ? update_load_avg+0x1be/0x21b0 [ 13.755124] ? finish_task_switch.isra.0+0x153/0x700 [ 13.755167] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.755191] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.755217] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.755239] ? __pfx_mempool_kfree+0x10/0x10 [ 13.755263] ? __pfx_read_tsc+0x10/0x10 [ 13.755284] ? ktime_get_ts64+0x86/0x230 [ 13.755306] kunit_try_run_case+0x1a5/0x480 [ 13.755329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.755351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.755373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.755395] ? __kthread_parkme+0x82/0x180 [ 13.755431] ? preempt_count_sub+0x50/0x80 [ 13.755454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.755476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.755498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.755521] kthread+0x337/0x6f0 [ 13.755540] ? trace_preempt_on+0x20/0xc0 [ 13.755561] ? __pfx_kthread+0x10/0x10 [ 13.755581] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.755602] ? calculate_sigpending+0x7b/0xa0 [ 13.755624] ? __pfx_kthread+0x10/0x10 [ 13.755645] ret_from_fork+0x116/0x1d0 [ 13.755662] ? __pfx_kthread+0x10/0x10 [ 13.755681] ret_from_fork_asm+0x1a/0x30 [ 13.755710] </TASK> [ 13.755720] [ 13.767618] The buggy address belongs to the physical page: [ 13.768368] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103abc [ 13.769218] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.769728] flags: 0x200000000000040(head|node=0|zone=2) [ 13.769927] page_type: f8(unknown) [ 13.770056] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.770288] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.770534] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.771180] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.772077] head: 0200000000000002 ffffea00040eaf01 00000000ffffffff 00000000ffffffff [ 13.772895] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.773702] page dumped because: kasan: bad access detected [ 13.774269] [ 
13.774447] Memory state around the buggy address: [ 13.775044] ffff888103abdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.775632] ffff888103abdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.776152] >ffff888103abe000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.776878] ^ [ 13.777016] ffff888103abe080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.777757] ffff888103abe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.778201] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.156006] ==================================================================
[ 13.156431] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 13.157181] Read of size 1 at addr ffff8881015ac780 by task kunit_try_catch/232
[ 13.158053]
[ 13.158183] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.158229] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.158241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.158263] Call Trace:
[ 13.158275] <TASK>
[ 13.158292] dump_stack_lvl+0x73/0xb0
[ 13.158324] print_report+0xd1/0x610
[ 13.158345] ? __virt_addr_valid+0x1db/0x2d0
[ 13.158370] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.158393] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.158414] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.158437] kasan_report+0x141/0x180
[ 13.158459] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.158485] ? kmem_cache_double_destroy+0x1bf/0x380
[ 13.158508] __kasan_check_byte+0x3d/0x50
[ 13.158529] kmem_cache_destroy+0x25/0x1d0
[ 13.158550] kmem_cache_double_destroy+0x1bf/0x380
[ 13.158573] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 13.158596] ? finish_task_switch.isra.0+0x153/0x700
[ 13.158618] ? __switch_to+0x47/0xf50
[ 13.158646] ? __pfx_read_tsc+0x10/0x10
[ 13.158665] ? ktime_get_ts64+0x86/0x230
[ 13.158797] kunit_try_run_case+0x1a5/0x480
[ 13.158949] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.158972] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.158997] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.159019] ? __kthread_parkme+0x82/0x180
[ 13.159041] ? preempt_count_sub+0x50/0x80
[ 13.159066] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.159088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.159110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.159132] kthread+0x337/0x6f0
[ 13.159151] ? trace_preempt_on+0x20/0xc0
[ 13.159173] ? __pfx_kthread+0x10/0x10
[ 13.159193] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.159213] ? calculate_sigpending+0x7b/0xa0
[ 13.159237] ? __pfx_kthread+0x10/0x10
[ 13.159257] ret_from_fork+0x116/0x1d0
[ 13.159275] ? __pfx_kthread+0x10/0x10
[ 13.159295] ret_from_fork_asm+0x1a/0x30
[ 13.159325] </TASK>
[ 13.159336]
[ 13.170343] Allocated by task 232:
[ 13.170481] kasan_save_stack+0x45/0x70
[ 13.170685] kasan_save_track+0x18/0x40
[ 13.170883] kasan_save_alloc_info+0x3b/0x50
[ 13.171110] __kasan_slab_alloc+0x91/0xa0
[ 13.171292] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.171515] __kmem_cache_create_args+0x169/0x240
[ 13.171950] kmem_cache_double_destroy+0xd5/0x380
[ 13.172163] kunit_try_run_case+0x1a5/0x480
[ 13.172319] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.172571] kthread+0x337/0x6f0
[ 13.172791] ret_from_fork+0x116/0x1d0
[ 13.172939] ret_from_fork_asm+0x1a/0x30
[ 13.173077]
[ 13.173145] Freed by task 232:
[ 13.173255] kasan_save_stack+0x45/0x70
[ 13.173535] kasan_save_track+0x18/0x40
[ 13.173732] kasan_save_free_info+0x3f/0x60
[ 13.173947] __kasan_slab_free+0x56/0x70
[ 13.174140] kmem_cache_free+0x249/0x420
[ 13.174356] slab_kmem_cache_release+0x2e/0x40
[ 13.174582] kmem_cache_release+0x16/0x20
[ 13.174772] kobject_put+0x181/0x450
[ 13.174904] sysfs_slab_release+0x16/0x20
[ 13.175061] kmem_cache_destroy+0xf0/0x1d0
[ 13.175570] kmem_cache_double_destroy+0x14e/0x380
[ 13.176237] kunit_try_run_case+0x1a5/0x480
[ 13.176610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.177125] kthread+0x337/0x6f0
[ 13.177269] ret_from_fork+0x116/0x1d0
[ 13.177631] ret_from_fork_asm+0x1a/0x30
[ 13.178040]
[ 13.178132] The buggy address belongs to the object at ffff8881015ac780
[ 13.178132] which belongs to the cache kmem_cache of size 208
[ 13.178639] The buggy address is located 0 bytes inside of
[ 13.178639] freed 208-byte region [ffff8881015ac780, ffff8881015ac850)
[ 13.179721]
[ 13.179825] The buggy address belongs to the physical page:
[ 13.180076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1015ac
[ 13.180466] flags: 0x200000000000000(node=0|zone=2)
[ 13.180699] page_type: f5(slab)
[ 13.180859] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 13.181192] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 13.181553] page dumped because: kasan: bad access detected
[ 13.182477]
[ 13.182563] Memory state around the buggy address:
[ 13.182775] ffff8881015ac680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.183095] ffff8881015ac700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.183961] >ffff8881015ac780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.184461] ^
[ 13.184792] ffff8881015ac800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 13.185279] ffff8881015ac880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.186140] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.102661] ==================================================================
[ 13.103208] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.103599] Read of size 1 at addr ffff888102741000 by task kunit_try_catch/230
[ 13.104189]
[ 13.104409] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.104458] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.104470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.104840] Call Trace:
[ 13.104856] <TASK>
[ 13.104873] dump_stack_lvl+0x73/0xb0
[ 13.104926] print_report+0xd1/0x610
[ 13.104948] ? __virt_addr_valid+0x1db/0x2d0
[ 13.104970] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.104992] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.105014] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.105037] kasan_report+0x141/0x180
[ 13.105058] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.105084] __asan_report_load1_noabort+0x18/0x20
[ 13.105107] kmem_cache_rcu_uaf+0x3e3/0x510
[ 13.105130] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 13.105151] ? finish_task_switch.isra.0+0x153/0x700
[ 13.105173] ? __switch_to+0x47/0xf50
[ 13.105202] ? __pfx_read_tsc+0x10/0x10
[ 13.105222] ? ktime_get_ts64+0x86/0x230
[ 13.105246] kunit_try_run_case+0x1a5/0x480
[ 13.105271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.105292] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.105316] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.105338] ? __kthread_parkme+0x82/0x180
[ 13.105370] ? preempt_count_sub+0x50/0x80
[ 13.105391] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.105414] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.105446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.105468] kthread+0x337/0x6f0
[ 13.105486] ? trace_preempt_on+0x20/0xc0
[ 13.105511] ? __pfx_kthread+0x10/0x10
[ 13.105531] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.105552] ? calculate_sigpending+0x7b/0xa0
[ 13.105576] ? __pfx_kthread+0x10/0x10
[ 13.105595] ret_from_fork+0x116/0x1d0
[ 13.105614] ? __pfx_kthread+0x10/0x10
[ 13.105633] ret_from_fork_asm+0x1a/0x30
[ 13.105663] </TASK>
[ 13.105673]
[ 13.115952] Allocated by task 230:
[ 13.116145] kasan_save_stack+0x45/0x70
[ 13.116552] kasan_save_track+0x18/0x40
[ 13.116876] kasan_save_alloc_info+0x3b/0x50
[ 13.117190] __kasan_slab_alloc+0x91/0xa0
[ 13.117373] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.117862] kmem_cache_rcu_uaf+0x155/0x510
[ 13.118082] kunit_try_run_case+0x1a5/0x480
[ 13.118276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.118843] kthread+0x337/0x6f0
[ 13.119013] ret_from_fork+0x116/0x1d0
[ 13.119191] ret_from_fork_asm+0x1a/0x30
[ 13.119548]
[ 13.119653] Freed by task 0:
[ 13.119771] kasan_save_stack+0x45/0x70
[ 13.120223] kasan_save_track+0x18/0x40
[ 13.120509] kasan_save_free_info+0x3f/0x60
[ 13.120889] __kasan_slab_free+0x56/0x70
[ 13.121112] slab_free_after_rcu_debug+0xe4/0x310
[ 13.121523] rcu_core+0x66f/0x1c40
[ 13.121708] rcu_core_si+0x12/0x20
[ 13.121861] handle_softirqs+0x209/0x730
[ 13.122048] __irq_exit_rcu+0xc9/0x110
[ 13.122226] irq_exit_rcu+0x12/0x20
[ 13.122666] sysvec_apic_timer_interrupt+0x81/0x90
[ 13.122852] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.123306]
[ 13.123395] Last potentially related work creation:
[ 13.123801] kasan_save_stack+0x45/0x70
[ 13.124156] kasan_record_aux_stack+0xb2/0xc0
[ 13.124331] kmem_cache_free+0x131/0x420
[ 13.124605] kmem_cache_rcu_uaf+0x194/0x510
[ 13.125061] kunit_try_run_case+0x1a5/0x480
[ 13.125258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.125681] kthread+0x337/0x6f0
[ 13.125862] ret_from_fork+0x116/0x1d0
[ 13.126163] ret_from_fork_asm+0x1a/0x30
[ 13.126321]
[ 13.126757] The buggy address belongs to the object at ffff888102741000
[ 13.126757] which belongs to the cache test_cache of size 200
[ 13.127255] The buggy address is located 0 bytes inside of
[ 13.127255] freed 200-byte region [ffff888102741000, ffff8881027410c8)
[ 13.128126]
[ 13.128235] The buggy address belongs to the physical page:
[ 13.128674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102741
[ 13.129203] flags: 0x200000000000000(node=0|zone=2)
[ 13.129613] page_type: f5(slab)
[ 13.129784] raw: 0200000000000000 ffff88810100d640 dead000000000122 0000000000000000
[ 13.130227] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.130649] page dumped because: kasan: bad access detected
[ 13.131134]
[ 13.131214] Memory state around the buggy address:
[ 13.131771] ffff888102740f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.132134] ffff888102740f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.132679] >ffff888102741000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.133188] ^
[ 13.133419] ffff888102741080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.133882] ffff888102741100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.134264] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.042216] ==================================================================
[ 13.043166] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 13.043444] Free of addr ffff888102ae3001 by task kunit_try_catch/228
[ 13.043807]
[ 13.044425] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.044476] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.044487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.044509] Call Trace:
[ 13.044521] <TASK>
[ 13.044539] dump_stack_lvl+0x73/0xb0
[ 13.044571] print_report+0xd1/0x610
[ 13.044593] ? __virt_addr_valid+0x1db/0x2d0
[ 13.044616] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.044636] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.044660] kasan_report_invalid_free+0x10a/0x130
[ 13.044811] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.044841] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.044865] check_slab_allocation+0x11f/0x130
[ 13.044885] __kasan_slab_pre_free+0x28/0x40
[ 13.044913] kmem_cache_free+0xed/0x420
[ 13.044933] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.044952] ? kmem_cache_invalid_free+0x1d8/0x460
[ 13.044978] kmem_cache_invalid_free+0x1d8/0x460
[ 13.045000] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 13.045022] ? finish_task_switch.isra.0+0x153/0x700
[ 13.045044] ? __switch_to+0x47/0xf50
[ 13.045072] ? __pfx_read_tsc+0x10/0x10
[ 13.045092] ? ktime_get_ts64+0x86/0x230
[ 13.045116] kunit_try_run_case+0x1a5/0x480
[ 13.045139] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.045160] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.045183] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.045205] ? __kthread_parkme+0x82/0x180
[ 13.045224] ? preempt_count_sub+0x50/0x80
[ 13.045245] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.045268] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.045290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.045311] kthread+0x337/0x6f0
[ 13.045329] ? trace_preempt_on+0x20/0xc0
[ 13.045415] ? __pfx_kthread+0x10/0x10
[ 13.045436] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.045456] ? calculate_sigpending+0x7b/0xa0
[ 13.045480] ? __pfx_kthread+0x10/0x10
[ 13.045500] ret_from_fork+0x116/0x1d0
[ 13.045518] ? __pfx_kthread+0x10/0x10
[ 13.045537] ret_from_fork_asm+0x1a/0x30
[ 13.045567] </TASK>
[ 13.045577]
[ 13.060846] Allocated by task 228:
[ 13.061231] kasan_save_stack+0x45/0x70
[ 13.061704] kasan_save_track+0x18/0x40
[ 13.061848] kasan_save_alloc_info+0x3b/0x50
[ 13.062241] __kasan_slab_alloc+0x91/0xa0
[ 13.062733] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.063131] kmem_cache_invalid_free+0x157/0x460
[ 13.063293] kunit_try_run_case+0x1a5/0x480
[ 13.063620] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.064184] kthread+0x337/0x6f0
[ 13.064631] ret_from_fork+0x116/0x1d0
[ 13.065010] ret_from_fork_asm+0x1a/0x30
[ 13.065231]
[ 13.065301] The buggy address belongs to the object at ffff888102ae3000
[ 13.065301] which belongs to the cache test_cache of size 200
[ 13.066315] The buggy address is located 1 bytes inside of
[ 13.066315] 200-byte region [ffff888102ae3000, ffff888102ae30c8)
[ 13.066885]
[ 13.066970] The buggy address belongs to the physical page:
[ 13.067152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae3
[ 13.067456] flags: 0x200000000000000(node=0|zone=2)
[ 13.067630] page_type: f5(slab)
[ 13.067804] raw: 0200000000000000 ffff8881015ac640 dead000000000122 0000000000000000
[ 13.068059] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.068286] page dumped because: kasan: bad access detected
[ 13.068677]
[ 13.068831] Memory state around the buggy address:
[ 13.069251] ffff888102ae2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.070072] ffff888102ae2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.070698] >ffff888102ae3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.070925] ^
[ 13.071043] ffff888102ae3080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 13.071262] ffff888102ae3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.071503] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.000186] ==================================================================
[ 13.000654] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 13.000990] Free of addr ffff888102740000 by task kunit_try_catch/226
[ 13.001508]
[ 13.001642] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 13.001687] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.001698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.001717] Call Trace:
[ 13.001729] <TASK>
[ 13.001744] dump_stack_lvl+0x73/0xb0
[ 13.001773] print_report+0xd1/0x610
[ 13.001794] ? __virt_addr_valid+0x1db/0x2d0
[ 13.002200] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.002229] ? kmem_cache_double_free+0x1e5/0x480
[ 13.002255] kasan_report_invalid_free+0x10a/0x130
[ 13.002278] ? kmem_cache_double_free+0x1e5/0x480
[ 13.002303] ? kmem_cache_double_free+0x1e5/0x480
[ 13.002335] check_slab_allocation+0x101/0x130
[ 13.002366] __kasan_slab_pre_free+0x28/0x40
[ 13.002386] kmem_cache_free+0xed/0x420
[ 13.002405] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.002424] ? kmem_cache_double_free+0x1e5/0x480
[ 13.002449] kmem_cache_double_free+0x1e5/0x480
[ 13.002472] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 13.002494] ? finish_task_switch.isra.0+0x153/0x700
[ 13.002516] ? __switch_to+0x47/0xf50
[ 13.002542] ? __pfx_read_tsc+0x10/0x10
[ 13.002562] ? ktime_get_ts64+0x86/0x230
[ 13.002585] kunit_try_run_case+0x1a5/0x480
[ 13.002608] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.002628] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.002650] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.002672] ? __kthread_parkme+0x82/0x180
[ 13.002718] ? preempt_count_sub+0x50/0x80
[ 13.002740] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.002762] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.002784] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.002806] kthread+0x337/0x6f0
[ 13.002824] ? trace_preempt_on+0x20/0xc0
[ 13.002847] ? __pfx_kthread+0x10/0x10
[ 13.002866] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.002886] ? calculate_sigpending+0x7b/0xa0
[ 13.002917] ? __pfx_kthread+0x10/0x10
[ 13.002937] ret_from_fork+0x116/0x1d0
[ 13.002955] ? __pfx_kthread+0x10/0x10
[ 13.002973] ret_from_fork_asm+0x1a/0x30
[ 13.003002] </TASK>
[ 13.003012]
[ 13.016943] Allocated by task 226:
[ 13.017123] kasan_save_stack+0x45/0x70
[ 13.017313] kasan_save_track+0x18/0x40
[ 13.017485] kasan_save_alloc_info+0x3b/0x50
[ 13.018193] __kasan_slab_alloc+0x91/0xa0
[ 13.018697] kmem_cache_alloc_noprof+0x123/0x3f0
[ 13.019002] kmem_cache_double_free+0x14f/0x480
[ 13.019346] kunit_try_run_case+0x1a5/0x480
[ 13.019566] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.020172] kthread+0x337/0x6f0
[ 13.020345] ret_from_fork+0x116/0x1d0
[ 13.020520] ret_from_fork_asm+0x1a/0x30
[ 13.021014]
[ 13.021177] Freed by task 226:
[ 13.021469] kasan_save_stack+0x45/0x70
[ 13.021960] kasan_save_track+0x18/0x40
[ 13.022154] kasan_save_free_info+0x3f/0x60
[ 13.022332] __kasan_slab_free+0x56/0x70
[ 13.022817] kmem_cache_free+0x249/0x420
[ 13.023012] kmem_cache_double_free+0x16a/0x480
[ 13.023209] kunit_try_run_case+0x1a5/0x480
[ 13.023956] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.024291] kthread+0x337/0x6f0
[ 13.024644] ret_from_fork+0x116/0x1d0
[ 13.025044] ret_from_fork_asm+0x1a/0x30
[ 13.025620]
[ 13.025729] The buggy address belongs to the object at ffff888102740000
[ 13.025729] which belongs to the cache test_cache of size 200
[ 13.026243] The buggy address is located 0 bytes inside of
[ 13.026243] 200-byte region [ffff888102740000, ffff8881027400c8)
[ 13.027611]
[ 13.027754] The buggy address belongs to the physical page:
[ 13.028262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102740
[ 13.029205] flags: 0x200000000000000(node=0|zone=2)
[ 13.029842] page_type: f5(slab)
[ 13.030038] raw: 0200000000000000 ffff88810100d500 dead000000000122 0000000000000000
[ 13.030602] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 13.030990] page dumped because: kasan: bad access detected
[ 13.031223]
[ 13.031307] Memory state around the buggy address:
[ 13.031939] ffff88810273ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.032251] ffff88810273ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.033051] >ffff888102740000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.033568] ^
[ 13.034057] ffff888102740080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 13.034412] ffff888102740100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.034734] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.960739] ==================================================================
[ 12.961597] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 12.962639] Read of size 1 at addr ffff88810273d0c8 by task kunit_try_catch/224
[ 12.963505]
[ 12.963779] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.963826] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.963837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.963857] Call Trace:
[ 12.963870] <TASK>
[ 12.963886] dump_stack_lvl+0x73/0xb0
[ 12.963926] print_report+0xd1/0x610
[ 12.963947] ? __virt_addr_valid+0x1db/0x2d0
[ 12.963968] ? kmem_cache_oob+0x402/0x530
[ 12.963989] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.964010] ? kmem_cache_oob+0x402/0x530
[ 12.964031] kasan_report+0x141/0x180
[ 12.964051] ? kmem_cache_oob+0x402/0x530
[ 12.964077] __asan_report_load1_noabort+0x18/0x20
[ 12.964099] kmem_cache_oob+0x402/0x530
[ 12.964119] ? trace_hardirqs_on+0x37/0xe0
[ 12.964141] ? __pfx_kmem_cache_oob+0x10/0x10
[ 12.964161] ? finish_task_switch.isra.0+0x153/0x700
[ 12.964183] ? __switch_to+0x47/0xf50
[ 12.964210] ? __pfx_read_tsc+0x10/0x10
[ 12.964229] ? ktime_get_ts64+0x86/0x230
[ 12.964253] kunit_try_run_case+0x1a5/0x480
[ 12.964276] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.964296] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.964319] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.964340] ? __kthread_parkme+0x82/0x180
[ 12.964526] ? preempt_count_sub+0x50/0x80
[ 12.964550] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.964589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.964612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.964635] kthread+0x337/0x6f0
[ 12.964654] ? trace_preempt_on+0x20/0xc0
[ 12.964675] ? __pfx_kthread+0x10/0x10
[ 12.964696] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.964716] ? calculate_sigpending+0x7b/0xa0
[ 12.964740] ? __pfx_kthread+0x10/0x10
[ 12.964761] ret_from_fork+0x116/0x1d0
[ 12.964779] ? __pfx_kthread+0x10/0x10
[ 12.964799] ret_from_fork_asm+0x1a/0x30
[ 12.964828] </TASK>
[ 12.964839]
[ 12.976152] Allocated by task 224:
[ 12.976526] kasan_save_stack+0x45/0x70
[ 12.976725] kasan_save_track+0x18/0x40
[ 12.977218] kasan_save_alloc_info+0x3b/0x50
[ 12.977367] __kasan_slab_alloc+0x91/0xa0
[ 12.977871] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.978108] kmem_cache_oob+0x157/0x530
[ 12.978417] kunit_try_run_case+0x1a5/0x480
[ 12.978851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.979233] kthread+0x337/0x6f0
[ 12.979542] ret_from_fork+0x116/0x1d0
[ 12.979694] ret_from_fork_asm+0x1a/0x30
[ 12.980077]
[ 12.980290] The buggy address belongs to the object at ffff88810273d000
[ 12.980290] which belongs to the cache test_cache of size 200
[ 12.981053] The buggy address is located 0 bytes to the right of
[ 12.981053] allocated 200-byte region [ffff88810273d000, ffff88810273d0c8)
[ 12.981549]
[ 12.981627] The buggy address belongs to the physical page:
[ 12.982057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10273d
[ 12.982337] flags: 0x200000000000000(node=0|zone=2)
[ 12.982577] page_type: f5(slab)
[ 12.982818] raw: 0200000000000000 ffff88810100d3c0 dead000000000122 0000000000000000
[ 12.983146] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.983586] page dumped because: kasan: bad access detected
[ 12.983792]
[ 12.983897] Memory state around the buggy address:
[ 12.984079] ffff88810273cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.984369] ffff88810273d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.984727] >ffff88810273d080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 12.985014] ^
[ 12.985246] ffff88810273d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.985659] ffff88810273d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.985988] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.917483] ==================================================================
[ 12.918091] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 12.918314] Read of size 8 at addr ffff888102ad8c40 by task kunit_try_catch/217
[ 12.919387]
[ 12.919756] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.919803] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.919814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.919835] Call Trace:
[ 12.919846] <TASK>
[ 12.919862] dump_stack_lvl+0x73/0xb0
[ 12.919892] print_report+0xd1/0x610
[ 12.919926] ? __virt_addr_valid+0x1db/0x2d0
[ 12.919947] ? workqueue_uaf+0x4d6/0x560
[ 12.919967] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.919987] ? workqueue_uaf+0x4d6/0x560
[ 12.920007] kasan_report+0x141/0x180
[ 12.920027] ? workqueue_uaf+0x4d6/0x560
[ 12.920052] __asan_report_load8_noabort+0x18/0x20
[ 12.920074] workqueue_uaf+0x4d6/0x560
[ 12.920095] ? __pfx_workqueue_uaf+0x10/0x10
[ 12.920115] ? __schedule+0x10cc/0x2b60
[ 12.920136] ? __pfx_read_tsc+0x10/0x10
[ 12.920156] ? ktime_get_ts64+0x86/0x230
[ 12.920179] kunit_try_run_case+0x1a5/0x480
[ 12.920202] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.920223] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.920245] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.920267] ? __kthread_parkme+0x82/0x180
[ 12.920285] ? preempt_count_sub+0x50/0x80
[ 12.920307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.920329] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.920358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.920380] kthread+0x337/0x6f0
[ 12.920398] ? trace_preempt_on+0x20/0xc0
[ 12.920422] ? __pfx_kthread+0x10/0x10
[ 12.920441] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.920460] ? calculate_sigpending+0x7b/0xa0
[ 12.920482] ? __pfx_kthread+0x10/0x10
[ 12.920502] ret_from_fork+0x116/0x1d0
[ 12.920519] ? __pfx_kthread+0x10/0x10
[ 12.920538] ret_from_fork_asm+0x1a/0x30
[ 12.920567] </TASK>
[ 12.920577]
[ 12.932583] Allocated by task 217:
[ 12.932879] kasan_save_stack+0x45/0x70
[ 12.933169] kasan_save_track+0x18/0x40
[ 12.933344] kasan_save_alloc_info+0x3b/0x50
[ 12.933543] __kasan_kmalloc+0xb7/0xc0
[ 12.934115] __kmalloc_cache_noprof+0x189/0x420
[ 12.934950] workqueue_uaf+0x152/0x560
[ 12.935150] kunit_try_run_case+0x1a5/0x480
[ 12.935330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.935790] kthread+0x337/0x6f0
[ 12.936088] ret_from_fork+0x116/0x1d0
[ 12.936281] ret_from_fork_asm+0x1a/0x30
[ 12.936620]
[ 12.936734] Freed by task 9:
[ 12.937049] kasan_save_stack+0x45/0x70
[ 12.937234] kasan_save_track+0x18/0x40
[ 12.937578] kasan_save_free_info+0x3f/0x60
[ 12.937944] __kasan_slab_free+0x56/0x70
[ 12.938133] kfree+0x222/0x3f0
[ 12.938282] workqueue_uaf_work+0x12/0x20
[ 12.938721] process_one_work+0x5ee/0xf60
[ 12.939114] worker_thread+0x758/0x1220
[ 12.939453] kthread+0x337/0x6f0
[ 12.939948] ret_from_fork+0x116/0x1d0
[ 12.940267] ret_from_fork_asm+0x1a/0x30
[ 12.940602]
[ 12.940866] Last potentially related work creation:
[ 12.941096] kasan_save_stack+0x45/0x70
[ 12.941273] kasan_record_aux_stack+0xb2/0xc0
[ 12.941656] __queue_work+0x626/0xeb0
[ 12.942037] queue_work_on+0xb6/0xc0
[ 12.942225] workqueue_uaf+0x26d/0x560
[ 12.942577] kunit_try_run_case+0x1a5/0x480
[ 12.942974] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.943677] kthread+0x337/0x6f0
[ 12.943936] ret_from_fork+0x116/0x1d0
[ 12.944250] ret_from_fork_asm+0x1a/0x30
[ 12.944682]
[ 12.944841] The buggy address belongs to the object at ffff888102ad8c40
[ 12.944841] which belongs to the cache kmalloc-32 of size 32
[ 12.945341] The buggy address is located 0 bytes inside of
[ 12.945341] freed 32-byte region [ffff888102ad8c40, ffff888102ad8c60)
[ 12.946522]
[ 12.946764] The buggy address belongs to the physical page:
[ 12.947012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad8
[ 12.947327] flags: 0x200000000000000(node=0|zone=2)
[ 12.947854] page_type: f5(slab)
[ 12.948155] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.948599] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.949077] page dumped because: kasan: bad access detected
[ 12.949297]
[ 12.949623] Memory state around the buggy address:
[ 12.949894] ffff888102ad8b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.950420] ffff888102ad8b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.950726] >ffff888102ad8c00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.951008] ^
[ 12.951226] ffff888102ad8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.951878] ffff888102ad8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.952347] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.872471] ==================================================================
[ 12.872930] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 12.873265] Read of size 4 at addr ffff8881027371c0 by task swapper/1/0
[ 12.873757]
[ 12.873856] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.874020] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.874034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.874123] Call Trace:
[ 12.874151] <IRQ>
[ 12.874168] dump_stack_lvl+0x73/0xb0
[ 12.874200] print_report+0xd1/0x610
[ 12.874222] ? __virt_addr_valid+0x1db/0x2d0
[ 12.874244] ? rcu_uaf_reclaim+0x50/0x60
[ 12.874262] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.874283] ? rcu_uaf_reclaim+0x50/0x60
[ 12.874302] kasan_report+0x141/0x180
[ 12.874322] ? rcu_uaf_reclaim+0x50/0x60
[ 12.874346] __asan_report_load4_noabort+0x18/0x20
[ 12.874437] rcu_uaf_reclaim+0x50/0x60
[ 12.874456] rcu_core+0x66f/0x1c40
[ 12.874484] ? __pfx_rcu_core+0x10/0x10
[ 12.874503] ? ktime_get+0x6b/0x150
[ 12.874524] ? handle_softirqs+0x18e/0x730
[ 12.874547] rcu_core_si+0x12/0x20
[ 12.874565] handle_softirqs+0x209/0x730
[ 12.874584] ? hrtimer_interrupt+0x2fe/0x780
[ 12.874605] ? __pfx_handle_softirqs+0x10/0x10
[ 12.874628] __irq_exit_rcu+0xc9/0x110
[ 12.874647] irq_exit_rcu+0x12/0x20
[ 12.874665] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.874689] </IRQ>
[ 12.874715] <TASK>
[ 12.874725] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.874813] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 12.875039] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 23 52 21 00 fb f4 <e9> 3c 1d 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 12.875124] RSP: 0000:ffff888100877dc8 EFLAGS: 00010212
[ 12.875207] RAX: ffff8881c4172000 RBX: ffff888100853000 RCX: ffffffff94a77125
[ 12.875262] RDX: ffffed102b62618b RSI: 0000000000000004 RDI: 000000000000f3bc
[ 12.875304] RBP: ffff888100877dd0 R08: 0000000000000001 R09: ffffed102b62618a
[ 12.875359] R10: ffff88815b130c53 R11: 0000000000016400 R12: 0000000000000001
[ 12.875401] R13: ffffed102010a600 R14: ffffffff967b1a90 R15: 0000000000000000
[ 12.875460] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 12.875513] ? default_idle+0xd/0x20
[ 12.875530] arch_cpu_idle+0xd/0x20
[ 12.875547] default_idle_call+0x48/0x80
[ 12.875564] do_idle+0x379/0x4f0
[ 12.875588] ? __pfx_do_idle+0x10/0x10
[ 12.875614] cpu_startup_entry+0x5c/0x70
[ 12.875632] start_secondary+0x211/0x290
[ 12.875653] ? __pfx_start_secondary+0x10/0x10
[ 12.875677] common_startup_64+0x13e/0x148
[ 12.875707] </TASK>
[ 12.875717]
[ 12.890252] Allocated by task 215:
[ 12.890653] kasan_save_stack+0x45/0x70
[ 12.891116] kasan_save_track+0x18/0x40
[ 12.891317] kasan_save_alloc_info+0x3b/0x50
[ 12.891678] __kasan_kmalloc+0xb7/0xc0
[ 12.891821] __kmalloc_cache_noprof+0x189/0x420
[ 12.892139] rcu_uaf+0xb0/0x330
[ 12.892278] kunit_try_run_case+0x1a5/0x480
[ 12.892490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.892823] kthread+0x337/0x6f0
[ 12.893175] ret_from_fork+0x116/0x1d0
[ 12.893764] ret_from_fork_asm+0x1a/0x30
[ 12.893957]
[ 12.894036] Freed by task 0:
[ 12.894172] kasan_save_stack+0x45/0x70
[ 12.894350] kasan_save_track+0x18/0x40
[ 12.894521] kasan_save_free_info+0x3f/0x60
[ 12.895063] __kasan_slab_free+0x56/0x70
[ 12.895525] kfree+0x222/0x3f0
[ 12.895866] rcu_uaf_reclaim+0x1f/0x60
[ 12.896076] rcu_core+0x66f/0x1c40
[ 12.896238] rcu_core_si+0x12/0x20
[ 12.896746] handle_softirqs+0x209/0x730
[ 12.897013] __irq_exit_rcu+0xc9/0x110
[ 12.897331] irq_exit_rcu+0x12/0x20
[ 12.897579] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.898023] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.898277]
[ 12.898467] Last potentially related work creation:
[ 12.899005] kasan_save_stack+0x45/0x70
[ 12.899197] kasan_record_aux_stack+0xb2/0xc0
[ 12.899789] __call_rcu_common.constprop.0+0x7b/0x9e0
[ 12.900121] call_rcu+0x12/0x20
[ 12.900285] rcu_uaf+0x168/0x330
[ 12.900715] kunit_try_run_case+0x1a5/0x480
[ 12.900930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.901156] kthread+0x337/0x6f0
[ 12.901309] ret_from_fork+0x116/0x1d0
[ 12.901978] ret_from_fork_asm+0x1a/0x30
[ 12.902556]
[ 12.902687] The buggy address belongs to the object at ffff8881027371c0
[ 12.902687] which belongs to the cache kmalloc-32 of size 32
[ 12.903690] The buggy address is located 0 bytes inside of
[ 12.903690] freed 32-byte region [ffff8881027371c0, ffff8881027371e0)
[ 12.904204]
[ 12.904300] The buggy address belongs to the physical page:
[ 12.905121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102737
[ 12.905758] flags: 0x200000000000000(node=0|zone=2)
[ 12.906138] page_type: f5(slab)
[ 12.906303] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.907216] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.908135] page dumped because: kasan: bad access detected
[ 12.908560]
[ 12.908653] Memory state around the buggy address:
[ 12.909083] ffff888102737080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.909652] ffff888102737100: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 12.910084] >ffff888102737180: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.910593] ^
[ 12.911072] ffff888102737200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.911728] ffff888102737280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.912116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.834479] ==================================================================
[ 12.835207] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0
[ 12.835771] Read of size 1 at addr ffff88810272ba78 by task kunit_try_catch/213
[ 12.836012]
[ 12.836096] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 12.836134] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.836145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.836164] Call Trace:
[ 12.836174] <TASK>
[ 12.836187] dump_stack_lvl+0x73/0xb0
[ 12.836213] print_report+0xd1/0x610
[ 12.836234] ? __virt_addr_valid+0x1db/0x2d0
[ 12.836254] ? ksize_uaf+0x5e4/0x6c0
[ 12.836274] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.836294] ? ksize_uaf+0x5e4/0x6c0
[ 12.836314] kasan_report+0x141/0x180
[ 12.836334] ? ksize_uaf+0x5e4/0x6c0
[ 12.836358] __asan_report_load1_noabort+0x18/0x20
[ 12.836381] ksize_uaf+0x5e4/0x6c0
[ 12.836400] ? __pfx_ksize_uaf+0x10/0x10
[ 12.836420] ? __schedule+0x10cc/0x2b60
[ 12.836441] ? __pfx_read_tsc+0x10/0x10
[ 12.836460] ? ktime_get_ts64+0x86/0x230
[ 12.836483] kunit_try_run_case+0x1a5/0x480
[ 12.836505] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.836525] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.836546] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.836664] ? __kthread_parkme+0x82/0x180
[ 12.836685] ? preempt_count_sub+0x50/0x80
[ 12.836707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.836730] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.836752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.836774] kthread+0x337/0x6f0
[ 12.836792] ? trace_preempt_on+0x20/0xc0
[ 12.836813] ? __pfx_kthread+0x10/0x10
[ 12.836832] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.836852] ? calculate_sigpending+0x7b/0xa0
[ 12.836874] ? __pfx_kthread+0x10/0x10
[ 12.836894] ret_from_fork+0x116/0x1d0
[ 12.836923] ? __pfx_kthread+0x10/0x10
[ 12.836942] ret_from_fork_asm+0x1a/0x30
[ 12.836971] </TASK>
[ 12.836980]
[ 12.846167] Allocated by task 213:
[ 12.846302] kasan_save_stack+0x45/0x70
[ 12.846538] kasan_save_track+0x18/0x40
[ 12.846895] kasan_save_alloc_info+0x3b/0x50
[ 12.847131] __kasan_kmalloc+0xb7/0xc0
[ 12.847317] __kmalloc_cache_noprof+0x189/0x420
[ 12.847612] ksize_uaf+0xaa/0x6c0
[ 12.847776] kunit_try_run_case+0x1a5/0x480
[ 12.848039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.848293] kthread+0x337/0x6f0
[ 12.848505] ret_from_fork+0x116/0x1d0
[ 12.848642] ret_from_fork_asm+0x1a/0x30
[ 12.849024]
[ 12.849149] Freed by task 213:
[ 12.849401] kasan_save_stack+0x45/0x70
[ 12.849598] kasan_save_track+0x18/0x40
[ 12.849903] kasan_save_free_info+0x3f/0x60
[ 12.850162] __kasan_slab_free+0x56/0x70
[ 12.850306] kfree+0x222/0x3f0
[ 12.850635] ksize_uaf+0x12c/0x6c0
[ 12.851007] kunit_try_run_case+0x1a5/0x480
[ 12.851166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.851536] kthread+0x337/0x6f0
[ 12.851962] ret_from_fork+0x116/0x1d0
[ 12.852135] ret_from_fork_asm+0x1a/0x30
[ 12.852419]
[ 12.852547] The buggy address belongs to the object at ffff88810272ba00
[ 12.852547] which belongs to the cache kmalloc-128 of size 128
[ 12.853098] The buggy address is located 120 bytes inside of
[ 12.853098] freed 128-byte region [ffff88810272ba00, ffff88810272ba80)
[ 12.853757]
[ 12.853887] The buggy address belongs to the physical page:
[ 12.854149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b
[ 12.854641] flags: 0x200000000000000(node=0|zone=2)
[ 12.855062] page_type: f5(slab)
[ 12.855219] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.855487] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.855961] page dumped because: kasan: bad access detected
[ 12.856407]
[ 12.856541] Memory state around the buggy address:
[ 12.856845] ffff88810272b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[
12.857181] ffff88810272b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.857579] >ffff88810272ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.857856] ^ [ 12.858298] ffff88810272ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.858876] ffff88810272bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.859224] ================================================================== [ 12.810817] ================================================================== [ 12.811223] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.811434] Read of size 1 at addr ffff88810272ba00 by task kunit_try_catch/213 [ 12.811699] [ 12.811803] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.811843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.811951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.811975] Call Trace: [ 12.811986] <TASK> [ 12.811998] dump_stack_lvl+0x73/0xb0 [ 12.812062] print_report+0xd1/0x610 [ 12.812082] ? __virt_addr_valid+0x1db/0x2d0 [ 12.812103] ? ksize_uaf+0x5fe/0x6c0 [ 12.812122] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.812143] ? ksize_uaf+0x5fe/0x6c0 [ 12.812162] kasan_report+0x141/0x180 [ 12.812183] ? ksize_uaf+0x5fe/0x6c0 [ 12.812208] __asan_report_load1_noabort+0x18/0x20 [ 12.812230] ksize_uaf+0x5fe/0x6c0 [ 12.812249] ? __pfx_ksize_uaf+0x10/0x10 [ 12.812269] ? __schedule+0x10cc/0x2b60 [ 12.812290] ? __pfx_read_tsc+0x10/0x10 [ 12.812309] ? ktime_get_ts64+0x86/0x230 [ 12.812331] kunit_try_run_case+0x1a5/0x480 [ 12.812395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.812451] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.812498] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.812544] ? __kthread_parkme+0x82/0x180 [ 12.812562] ? preempt_count_sub+0x50/0x80 [ 12.812584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.812607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.812628] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.812650] kthread+0x337/0x6f0 [ 12.812668] ? trace_preempt_on+0x20/0xc0 [ 12.812689] ? __pfx_kthread+0x10/0x10 [ 12.812709] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.812728] ? calculate_sigpending+0x7b/0xa0 [ 12.812750] ? __pfx_kthread+0x10/0x10 [ 12.812770] ret_from_fork+0x116/0x1d0 [ 12.812787] ? __pfx_kthread+0x10/0x10 [ 12.812806] ret_from_fork_asm+0x1a/0x30 [ 12.812834] </TASK> [ 12.812843] [ 12.821319] Allocated by task 213: [ 12.821533] kasan_save_stack+0x45/0x70 [ 12.821707] kasan_save_track+0x18/0x40 [ 12.821842] kasan_save_alloc_info+0x3b/0x50 [ 12.822001] __kasan_kmalloc+0xb7/0xc0 [ 12.822248] __kmalloc_cache_noprof+0x189/0x420 [ 12.822764] ksize_uaf+0xaa/0x6c0 [ 12.822947] kunit_try_run_case+0x1a5/0x480 [ 12.823273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.823638] kthread+0x337/0x6f0 [ 12.823965] ret_from_fork+0x116/0x1d0 [ 12.824181] ret_from_fork_asm+0x1a/0x30 [ 12.824411] [ 12.824508] Freed by task 213: [ 12.824721] kasan_save_stack+0x45/0x70 [ 12.824923] kasan_save_track+0x18/0x40 [ 12.825139] kasan_save_free_info+0x3f/0x60 [ 12.825403] __kasan_slab_free+0x56/0x70 [ 12.825629] kfree+0x222/0x3f0 [ 12.825808] ksize_uaf+0x12c/0x6c0 [ 12.826026] kunit_try_run_case+0x1a5/0x480 [ 12.826242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.826575] kthread+0x337/0x6f0 [ 12.826769] ret_from_fork+0x116/0x1d0 [ 12.826978] ret_from_fork_asm+0x1a/0x30 [ 12.827211] [ 12.827302] The buggy address belongs to the object at ffff88810272ba00 [ 12.827302] which belongs to the cache kmalloc-128 of size 128 [ 12.828090] The buggy address is located 0 bytes inside of [ 12.828090] freed 128-byte region [ffff88810272ba00, ffff88810272ba80) [ 12.828699] [ 12.828775] The buggy address belongs to the physical page: [ 12.828978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.829564] flags: 0x200000000000000(node=0|zone=2) [ 12.829951] page_type: f5(slab) [ 12.830222] raw: 
0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.830578] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.830918] page dumped because: kasan: bad access detected [ 12.831123] [ 12.831191] Memory state around the buggy address: [ 12.831345] ffff88810272b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.831822] ffff88810272b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.832223] >ffff88810272ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.832832] ^ [ 12.833180] ffff88810272ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.833690] ffff88810272bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.834021] ================================================================== [ 12.786479] ================================================================== [ 12.787650] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.788091] Read of size 1 at addr ffff88810272ba00 by task kunit_try_catch/213 [ 12.788867] [ 12.788979] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.789026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.789037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.789060] Call Trace: [ 12.789073] <TASK> [ 12.789089] dump_stack_lvl+0x73/0xb0 [ 12.789119] print_report+0xd1/0x610 [ 12.789141] ? __virt_addr_valid+0x1db/0x2d0 [ 12.789164] ? ksize_uaf+0x19d/0x6c0 [ 12.789183] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.789204] ? ksize_uaf+0x19d/0x6c0 [ 12.789224] kasan_report+0x141/0x180 [ 12.789244] ? ksize_uaf+0x19d/0x6c0 [ 12.789266] ? ksize_uaf+0x19d/0x6c0 [ 12.789286] __kasan_check_byte+0x3d/0x50 [ 12.789306] ksize+0x20/0x60 [ 12.789326] ksize_uaf+0x19d/0x6c0 [ 12.789345] ? __pfx_ksize_uaf+0x10/0x10 [ 12.789366] ? __schedule+0x10cc/0x2b60 [ 12.789464] ? __pfx_read_tsc+0x10/0x10 [ 12.789486] ? 
ktime_get_ts64+0x86/0x230 [ 12.789510] kunit_try_run_case+0x1a5/0x480 [ 12.789535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.789556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.789577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.789599] ? __kthread_parkme+0x82/0x180 [ 12.789641] ? preempt_count_sub+0x50/0x80 [ 12.789664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.789686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.789708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.789747] kthread+0x337/0x6f0 [ 12.789766] ? trace_preempt_on+0x20/0xc0 [ 12.789787] ? __pfx_kthread+0x10/0x10 [ 12.789806] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.789826] ? calculate_sigpending+0x7b/0xa0 [ 12.789848] ? __pfx_kthread+0x10/0x10 [ 12.789868] ret_from_fork+0x116/0x1d0 [ 12.789886] ? __pfx_kthread+0x10/0x10 [ 12.789916] ret_from_fork_asm+0x1a/0x30 [ 12.789946] </TASK> [ 12.789956] [ 12.798059] Allocated by task 213: [ 12.798249] kasan_save_stack+0x45/0x70 [ 12.798625] kasan_save_track+0x18/0x40 [ 12.798805] kasan_save_alloc_info+0x3b/0x50 [ 12.799032] __kasan_kmalloc+0xb7/0xc0 [ 12.799241] __kmalloc_cache_noprof+0x189/0x420 [ 12.799565] ksize_uaf+0xaa/0x6c0 [ 12.799753] kunit_try_run_case+0x1a5/0x480 [ 12.799924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.800101] kthread+0x337/0x6f0 [ 12.800223] ret_from_fork+0x116/0x1d0 [ 12.800353] ret_from_fork_asm+0x1a/0x30 [ 12.800549] [ 12.800643] Freed by task 213: [ 12.800800] kasan_save_stack+0x45/0x70 [ 12.801022] kasan_save_track+0x18/0x40 [ 12.801218] kasan_save_free_info+0x3f/0x60 [ 12.801760] __kasan_slab_free+0x56/0x70 [ 12.801924] kfree+0x222/0x3f0 [ 12.802042] ksize_uaf+0x12c/0x6c0 [ 12.802166] kunit_try_run_case+0x1a5/0x480 [ 12.802400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.802761] kthread+0x337/0x6f0 [ 12.802955] ret_from_fork+0x116/0x1d0 [ 12.803144] ret_from_fork_asm+0x1a/0x30 [ 12.803411] [ 12.803489] The buggy address belongs to the object at ffff88810272ba00 [ 12.803489] which belongs to the cache 
kmalloc-128 of size 128 [ 12.803994] The buggy address is located 0 bytes inside of [ 12.803994] freed 128-byte region [ffff88810272ba00, ffff88810272ba80) [ 12.804586] [ 12.804662] The buggy address belongs to the physical page: [ 12.805094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.805512] flags: 0x200000000000000(node=0|zone=2) [ 12.805801] page_type: f5(slab) [ 12.806133] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.806523] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.806949] page dumped because: kasan: bad access detected [ 12.807249] [ 12.807363] Memory state around the buggy address: [ 12.807743] ffff88810272b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.808096] ffff88810272b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.808505] >ffff88810272ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.808896] ^ [ 12.809103] ffff88810272ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.809621] ffff88810272bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.809983] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.703738] ================================================================== [ 12.704616] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.705832] Read of size 1 at addr ffff88810272b973 by task kunit_try_catch/211 [ 12.706319] [ 12.706420] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.706465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.706476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.706775] Call Trace: [ 12.706794] <TASK> [ 12.706810] dump_stack_lvl+0x73/0xb0 [ 12.706842] print_report+0xd1/0x610 [ 12.706864] ? __virt_addr_valid+0x1db/0x2d0 [ 12.706887] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.706951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.706973] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.706995] kasan_report+0x141/0x180 [ 12.707016] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.707042] __asan_report_load1_noabort+0x18/0x20 [ 12.707073] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.707095] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.707116] ? finish_task_switch.isra.0+0x153/0x700 [ 12.707138] ? __switch_to+0x47/0xf50 [ 12.707163] ? __schedule+0x10cc/0x2b60 [ 12.707185] ? __pfx_read_tsc+0x10/0x10 [ 12.707204] ? ktime_get_ts64+0x86/0x230 [ 12.707227] kunit_try_run_case+0x1a5/0x480 [ 12.707251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.707271] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.707294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.707315] ? __kthread_parkme+0x82/0x180 [ 12.707356] ? preempt_count_sub+0x50/0x80 [ 12.707378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.707400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.707422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.707443] kthread+0x337/0x6f0 [ 12.707462] ? trace_preempt_on+0x20/0xc0 [ 12.707483] ? __pfx_kthread+0x10/0x10 [ 12.707502] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.707522] ? calculate_sigpending+0x7b/0xa0 [ 12.707544] ? 
__pfx_kthread+0x10/0x10 [ 12.707564] ret_from_fork+0x116/0x1d0 [ 12.707581] ? __pfx_kthread+0x10/0x10 [ 12.707600] ret_from_fork_asm+0x1a/0x30 [ 12.707629] </TASK> [ 12.707639] [ 12.718522] Allocated by task 211: [ 12.718918] kasan_save_stack+0x45/0x70 [ 12.719319] kasan_save_track+0x18/0x40 [ 12.719729] kasan_save_alloc_info+0x3b/0x50 [ 12.720225] __kasan_kmalloc+0xb7/0xc0 [ 12.720607] __kmalloc_cache_noprof+0x189/0x420 [ 12.721175] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.721714] kunit_try_run_case+0x1a5/0x480 [ 12.722123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.722300] kthread+0x337/0x6f0 [ 12.722761] ret_from_fork+0x116/0x1d0 [ 12.723174] ret_from_fork_asm+0x1a/0x30 [ 12.723639] [ 12.723808] The buggy address belongs to the object at ffff88810272b900 [ 12.723808] which belongs to the cache kmalloc-128 of size 128 [ 12.724621] The buggy address is located 0 bytes to the right of [ 12.724621] allocated 115-byte region [ffff88810272b900, ffff88810272b973) [ 12.725995] [ 12.726158] The buggy address belongs to the physical page: [ 12.726775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.727030] flags: 0x200000000000000(node=0|zone=2) [ 12.727571] page_type: f5(slab) [ 12.727989] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.728730] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.729541] page dumped because: kasan: bad access detected [ 12.730150] [ 12.730312] Memory state around the buggy address: [ 12.730940] ffff88810272b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.731197] ffff88810272b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.731628] >ffff88810272b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.732487] ^ [ 12.733220] ffff88810272b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.733642] ffff88810272ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.734311] 
================================================================== [ 12.735117] ================================================================== [ 12.735359] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.735656] Read of size 1 at addr ffff88810272b978 by task kunit_try_catch/211 [ 12.736242] [ 12.736332] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.736373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.736384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.736403] Call Trace: [ 12.736418] <TASK> [ 12.736431] dump_stack_lvl+0x73/0xb0 [ 12.736459] print_report+0xd1/0x610 [ 12.736479] ? __virt_addr_valid+0x1db/0x2d0 [ 12.736501] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.736522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.736543] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.736564] kasan_report+0x141/0x180 [ 12.736585] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.736611] __asan_report_load1_noabort+0x18/0x20 [ 12.736633] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.736656] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.736677] ? finish_task_switch.isra.0+0x153/0x700 [ 12.736697] ? __switch_to+0x47/0xf50 [ 12.736752] ? __schedule+0x10cc/0x2b60 [ 12.736773] ? __pfx_read_tsc+0x10/0x10 [ 12.736792] ? ktime_get_ts64+0x86/0x230 [ 12.736976] kunit_try_run_case+0x1a5/0x480 [ 12.737005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737028] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.737052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.737073] ? __kthread_parkme+0x82/0x180 [ 12.737092] ? preempt_count_sub+0x50/0x80 [ 12.737113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.737170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.737192] kthread+0x337/0x6f0 [ 12.737210] ? trace_preempt_on+0x20/0xc0 [ 12.737244] ? __pfx_kthread+0x10/0x10 [ 12.737264] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.737283] ? 
calculate_sigpending+0x7b/0xa0 [ 12.737305] ? __pfx_kthread+0x10/0x10 [ 12.737334] ret_from_fork+0x116/0x1d0 [ 12.737422] ? __pfx_kthread+0x10/0x10 [ 12.737443] ret_from_fork_asm+0x1a/0x30 [ 12.737472] </TASK> [ 12.737482] [ 12.746022] Allocated by task 211: [ 12.746235] kasan_save_stack+0x45/0x70 [ 12.746556] kasan_save_track+0x18/0x40 [ 12.746764] kasan_save_alloc_info+0x3b/0x50 [ 12.747002] __kasan_kmalloc+0xb7/0xc0 [ 12.747153] __kmalloc_cache_noprof+0x189/0x420 [ 12.747310] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.747463] kunit_try_run_case+0x1a5/0x480 [ 12.747762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.748028] kthread+0x337/0x6f0 [ 12.748195] ret_from_fork+0x116/0x1d0 [ 12.748379] ret_from_fork_asm+0x1a/0x30 [ 12.748733] [ 12.748851] The buggy address belongs to the object at ffff88810272b900 [ 12.748851] which belongs to the cache kmalloc-128 of size 128 [ 12.749332] The buggy address is located 5 bytes to the right of [ 12.749332] allocated 115-byte region [ffff88810272b900, ffff88810272b973) [ 12.750064] [ 12.750178] The buggy address belongs to the physical page: [ 12.750473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.750761] flags: 0x200000000000000(node=0|zone=2) [ 12.750938] page_type: f5(slab) [ 12.751059] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.751320] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.751822] page dumped because: kasan: bad access detected [ 12.752085] [ 12.752177] Memory state around the buggy address: [ 12.752579] ffff88810272b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.753068] ffff88810272b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.753323] >ffff88810272b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.753864] ^ [ 12.754215] ffff88810272b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.754485] ffff88810272ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.755041] 
================================================================== [ 12.755468] ================================================================== [ 12.755937] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.756494] Read of size 1 at addr ffff88810272b97f by task kunit_try_catch/211 [ 12.756833] [ 12.756973] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.757014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.757024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.757043] Call Trace: [ 12.757056] <TASK> [ 12.757069] dump_stack_lvl+0x73/0xb0 [ 12.757095] print_report+0xd1/0x610 [ 12.757116] ? __virt_addr_valid+0x1db/0x2d0 [ 12.757136] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.757169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.757190] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.757212] kasan_report+0x141/0x180 [ 12.757232] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.757270] __asan_report_load1_noabort+0x18/0x20 [ 12.757292] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.757314] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.757335] ? finish_task_switch.isra.0+0x153/0x700 [ 12.757431] ? __switch_to+0x47/0xf50 [ 12.757456] ? __schedule+0x10cc/0x2b60 [ 12.757476] ? __pfx_read_tsc+0x10/0x10 [ 12.757495] ? ktime_get_ts64+0x86/0x230 [ 12.757531] kunit_try_run_case+0x1a5/0x480 [ 12.757553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.757574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.757608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.757630] ? __kthread_parkme+0x82/0x180 [ 12.757648] ? preempt_count_sub+0x50/0x80 [ 12.757669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.757699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.757729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.757751] kthread+0x337/0x6f0 [ 12.757769] ? trace_preempt_on+0x20/0xc0 [ 12.757800] ? __pfx_kthread+0x10/0x10 [ 12.757820] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.757839] ? 
calculate_sigpending+0x7b/0xa0 [ 12.757861] ? __pfx_kthread+0x10/0x10 [ 12.757880] ret_from_fork+0x116/0x1d0 [ 12.757897] ? __pfx_kthread+0x10/0x10 [ 12.757926] ret_from_fork_asm+0x1a/0x30 [ 12.757954] </TASK> [ 12.757964] [ 12.766329] Allocated by task 211: [ 12.766464] kasan_save_stack+0x45/0x70 [ 12.766635] kasan_save_track+0x18/0x40 [ 12.766823] kasan_save_alloc_info+0x3b/0x50 [ 12.767041] __kasan_kmalloc+0xb7/0xc0 [ 12.767307] __kmalloc_cache_noprof+0x189/0x420 [ 12.767647] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.767883] kunit_try_run_case+0x1a5/0x480 [ 12.768105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.768885] kthread+0x337/0x6f0 [ 12.769092] ret_from_fork+0x116/0x1d0 [ 12.769274] ret_from_fork_asm+0x1a/0x30 [ 12.770280] [ 12.770431] The buggy address belongs to the object at ffff88810272b900 [ 12.770431] which belongs to the cache kmalloc-128 of size 128 [ 12.771325] The buggy address is located 12 bytes to the right of [ 12.771325] allocated 115-byte region [ffff88810272b900, ffff88810272b973) [ 12.772098] [ 12.772196] The buggy address belongs to the physical page: [ 12.773020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.773311] flags: 0x200000000000000(node=0|zone=2) [ 12.773987] page_type: f5(slab) [ 12.774328] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.775042] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.775277] page dumped because: kasan: bad access detected [ 12.775457] [ 12.775527] Memory state around the buggy address: [ 12.775685] ffff88810272b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.775900] ffff88810272b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.776118] >ffff88810272b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.776604] ^ [ 12.777577] ffff88810272b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.778431] ffff88810272ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.779117] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.673926] ================================================================== [ 12.674178] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.674379] Free of addr ffff888101d1f560 by task kunit_try_catch/209 [ 12.674576] [ 12.674663] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.674706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.674717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.674737] Call Trace: [ 12.674750] <TASK> [ 12.674764] dump_stack_lvl+0x73/0xb0 [ 12.674790] print_report+0xd1/0x610 [ 12.674810] ? __virt_addr_valid+0x1db/0x2d0 [ 12.674832] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.674851] ? kfree_sensitive+0x2e/0x90 [ 12.674871] kasan_report_invalid_free+0x10a/0x130 [ 12.674894] ? kfree_sensitive+0x2e/0x90 [ 12.674954] ? kfree_sensitive+0x2e/0x90 [ 12.674973] check_slab_allocation+0x101/0x130 [ 12.674993] __kasan_slab_pre_free+0x28/0x40 [ 12.675013] kfree+0xf0/0x3f0 [ 12.675033] ? kfree_sensitive+0x2e/0x90 [ 12.675062] kfree_sensitive+0x2e/0x90 [ 12.675081] kmalloc_double_kzfree+0x19c/0x350 [ 12.675102] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.675125] ? __schedule+0x10cc/0x2b60 [ 12.675146] ? __pfx_read_tsc+0x10/0x10 [ 12.675165] ? ktime_get_ts64+0x86/0x230 [ 12.675188] kunit_try_run_case+0x1a5/0x480 [ 12.675210] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.675232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.675254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.675276] ? __kthread_parkme+0x82/0x180 [ 12.675294] ? preempt_count_sub+0x50/0x80 [ 12.675316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.675339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.675360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.675393] kthread+0x337/0x6f0 [ 12.675411] ? trace_preempt_on+0x20/0xc0 [ 12.675432] ? __pfx_kthread+0x10/0x10 [ 12.675692] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.675721] ? calculate_sigpending+0x7b/0xa0 [ 12.675744] ? 
__pfx_kthread+0x10/0x10 [ 12.675765] ret_from_fork+0x116/0x1d0 [ 12.675783] ? __pfx_kthread+0x10/0x10 [ 12.675802] ret_from_fork_asm+0x1a/0x30 [ 12.675831] </TASK> [ 12.675841] [ 12.685840] Allocated by task 209: [ 12.686030] kasan_save_stack+0x45/0x70 [ 12.686221] kasan_save_track+0x18/0x40 [ 12.686356] kasan_save_alloc_info+0x3b/0x50 [ 12.686573] __kasan_kmalloc+0xb7/0xc0 [ 12.686762] __kmalloc_cache_noprof+0x189/0x420 [ 12.687730] kmalloc_double_kzfree+0xa9/0x350 [ 12.687927] kunit_try_run_case+0x1a5/0x480 [ 12.688223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.688673] kthread+0x337/0x6f0 [ 12.688870] ret_from_fork+0x116/0x1d0 [ 12.689136] ret_from_fork_asm+0x1a/0x30 [ 12.689370] [ 12.689608] Freed by task 209: [ 12.689767] kasan_save_stack+0x45/0x70 [ 12.690071] kasan_save_track+0x18/0x40 [ 12.690219] kasan_save_free_info+0x3f/0x60 [ 12.690589] __kasan_slab_free+0x56/0x70 [ 12.690786] kfree+0x222/0x3f0 [ 12.691285] kfree_sensitive+0x67/0x90 [ 12.691534] kmalloc_double_kzfree+0x12b/0x350 [ 12.691828] kunit_try_run_case+0x1a5/0x480 [ 12.692195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.692420] kthread+0x337/0x6f0 [ 12.692598] ret_from_fork+0x116/0x1d0 [ 12.693005] ret_from_fork_asm+0x1a/0x30 [ 12.693282] [ 12.693567] The buggy address belongs to the object at ffff888101d1f560 [ 12.693567] which belongs to the cache kmalloc-16 of size 16 [ 12.694224] The buggy address is located 0 bytes inside of [ 12.694224] 16-byte region [ffff888101d1f560, ffff888101d1f570) [ 12.694807] [ 12.695095] The buggy address belongs to the physical page: [ 12.695307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d1f [ 12.695643] flags: 0x200000000000000(node=0|zone=2) [ 12.695861] page_type: f5(slab) [ 12.696007] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.696705] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.697088] page dumped because: kasan: bad access detected [ 12.697266] [ 
12.697493] Memory state around the buggy address: [ 12.697761] ffff888101d1f400: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.698298] ffff888101d1f480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.698755] >ffff888101d1f500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.699093] ^ [ 12.699467] ffff888101d1f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.699939] ffff888101d1f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.700463] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.638622] ================================================================== [ 12.639904] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 12.640248] Read of size 1 at addr ffff888101d1f560 by task kunit_try_catch/209 [ 12.640879] [ 12.641061] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.641104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.641134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.641153] Call Trace: [ 12.641165] <TASK> [ 12.641180] dump_stack_lvl+0x73/0xb0 [ 12.641209] print_report+0xd1/0x610 [ 12.641230] ? __virt_addr_valid+0x1db/0x2d0 [ 12.641251] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.641273] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.641293] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.641315] kasan_report+0x141/0x180 [ 12.641344] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.641369] ? kmalloc_double_kzfree+0x19c/0x350 [ 12.641390] __kasan_check_byte+0x3d/0x50 [ 12.641411] kfree_sensitive+0x22/0x90 [ 12.641433] kmalloc_double_kzfree+0x19c/0x350 [ 12.641456] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.641479] ? __schedule+0x10cc/0x2b60 [ 12.641500] ? __pfx_read_tsc+0x10/0x10 [ 12.641520] ? ktime_get_ts64+0x86/0x230 [ 12.641543] kunit_try_run_case+0x1a5/0x480 [ 12.641567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.641588] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.641610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.641632] ? __kthread_parkme+0x82/0x180 [ 12.641651] ? preempt_count_sub+0x50/0x80 [ 12.641674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.641696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.641718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.641740] kthread+0x337/0x6f0 [ 12.641758] ? trace_preempt_on+0x20/0xc0 [ 12.641780] ? __pfx_kthread+0x10/0x10 [ 12.641799] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.641819] ? calculate_sigpending+0x7b/0xa0 [ 12.641843] ? 
__pfx_kthread+0x10/0x10 [ 12.641863] ret_from_fork+0x116/0x1d0 [ 12.641880] ? __pfx_kthread+0x10/0x10 [ 12.641900] ret_from_fork_asm+0x1a/0x30 [ 12.641938] </TASK> [ 12.641948] [ 12.655237] Allocated by task 209: [ 12.655624] kasan_save_stack+0x45/0x70 [ 12.656053] kasan_save_track+0x18/0x40 [ 12.656242] kasan_save_alloc_info+0x3b/0x50 [ 12.656544] __kasan_kmalloc+0xb7/0xc0 [ 12.656901] __kmalloc_cache_noprof+0x189/0x420 [ 12.657316] kmalloc_double_kzfree+0xa9/0x350 [ 12.657782] kunit_try_run_case+0x1a5/0x480 [ 12.658109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.658283] kthread+0x337/0x6f0 [ 12.658698] ret_from_fork+0x116/0x1d0 [ 12.659053] ret_from_fork_asm+0x1a/0x30 [ 12.659453] [ 12.659610] Freed by task 209: [ 12.659939] kasan_save_stack+0x45/0x70 [ 12.660286] kasan_save_track+0x18/0x40 [ 12.660515] kasan_save_free_info+0x3f/0x60 [ 12.660915] __kasan_slab_free+0x56/0x70 [ 12.661106] kfree+0x222/0x3f0 [ 12.661234] kfree_sensitive+0x67/0x90 [ 12.661376] kmalloc_double_kzfree+0x12b/0x350 [ 12.661955] kunit_try_run_case+0x1a5/0x480 [ 12.662353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.662902] kthread+0x337/0x6f0 [ 12.663220] ret_from_fork+0x116/0x1d0 [ 12.663651] ret_from_fork_asm+0x1a/0x30 [ 12.664015] [ 12.664118] The buggy address belongs to the object at ffff888101d1f560 [ 12.664118] which belongs to the cache kmalloc-16 of size 16 [ 12.664744] The buggy address is located 0 bytes inside of [ 12.664744] freed 16-byte region [ffff888101d1f560, ffff888101d1f570) [ 12.665833] [ 12.666005] The buggy address belongs to the physical page: [ 12.666222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d1f [ 12.666644] flags: 0x200000000000000(node=0|zone=2) [ 12.667110] page_type: f5(slab) [ 12.667407] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.668208] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.668952] page dumped because: kasan: bad access detected [ 
12.669195] [ 12.669265] Memory state around the buggy address: [ 12.669472] ffff888101d1f400: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.670143] ffff888101d1f480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.670820] >ffff888101d1f500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.671704] ^ [ 12.672778] ffff888101d1f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.673313] ffff888101d1f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.673546] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.609514] ================================================================== [ 12.609987] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 12.610308] Read of size 1 at addr ffff8881027362a8 by task kunit_try_catch/205 [ 12.610657] [ 12.610777] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.610820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.610831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.610850] Call Trace: [ 12.610862] <TASK> [ 12.610876] dump_stack_lvl+0x73/0xb0 [ 12.610913] print_report+0xd1/0x610 [ 12.610935] ? __virt_addr_valid+0x1db/0x2d0 [ 12.610956] ? kmalloc_uaf2+0x4a8/0x520 [ 12.610974] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.610995] ? kmalloc_uaf2+0x4a8/0x520 [ 12.611014] kasan_report+0x141/0x180 [ 12.611034] ? kmalloc_uaf2+0x4a8/0x520 [ 12.611061] __asan_report_load1_noabort+0x18/0x20 [ 12.611084] kmalloc_uaf2+0x4a8/0x520 [ 12.611102] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.611120] ? finish_task_switch.isra.0+0x153/0x700 [ 12.611140] ? __switch_to+0x47/0xf50 [ 12.611165] ? __schedule+0x10cc/0x2b60 [ 12.611186] ? __pfx_read_tsc+0x10/0x10 [ 12.611205] ? ktime_get_ts64+0x86/0x230 [ 12.611228] kunit_try_run_case+0x1a5/0x480 [ 12.611250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.611271] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.611292] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.611314] ? __kthread_parkme+0x82/0x180 [ 12.611354] ? preempt_count_sub+0x50/0x80 [ 12.611377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.611399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.611421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.611442] kthread+0x337/0x6f0 [ 12.611460] ? trace_preempt_on+0x20/0xc0 [ 12.611481] ? __pfx_kthread+0x10/0x10 [ 12.611501] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.611521] ? calculate_sigpending+0x7b/0xa0 [ 12.611543] ? __pfx_kthread+0x10/0x10 [ 12.611563] ret_from_fork+0x116/0x1d0 [ 12.611579] ? 
__pfx_kthread+0x10/0x10 [ 12.611598] ret_from_fork_asm+0x1a/0x30 [ 12.611627] </TASK> [ 12.611636] [ 12.618941] Allocated by task 205: [ 12.619147] kasan_save_stack+0x45/0x70 [ 12.619450] kasan_save_track+0x18/0x40 [ 12.619639] kasan_save_alloc_info+0x3b/0x50 [ 12.619864] __kasan_kmalloc+0xb7/0xc0 [ 12.620059] __kmalloc_cache_noprof+0x189/0x420 [ 12.620254] kmalloc_uaf2+0xc6/0x520 [ 12.620413] kunit_try_run_case+0x1a5/0x480 [ 12.620559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.620917] kthread+0x337/0x6f0 [ 12.621261] ret_from_fork+0x116/0x1d0 [ 12.621497] ret_from_fork_asm+0x1a/0x30 [ 12.621699] [ 12.621839] Freed by task 205: [ 12.622005] kasan_save_stack+0x45/0x70 [ 12.622167] kasan_save_track+0x18/0x40 [ 12.622400] kasan_save_free_info+0x3f/0x60 [ 12.622612] __kasan_slab_free+0x56/0x70 [ 12.622795] kfree+0x222/0x3f0 [ 12.622987] kmalloc_uaf2+0x14c/0x520 [ 12.623153] kunit_try_run_case+0x1a5/0x480 [ 12.623318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.623583] kthread+0x337/0x6f0 [ 12.623892] ret_from_fork+0x116/0x1d0 [ 12.624260] ret_from_fork_asm+0x1a/0x30 [ 12.624635] [ 12.624816] The buggy address belongs to the object at ffff888102736280 [ 12.624816] which belongs to the cache kmalloc-64 of size 64 [ 12.625846] The buggy address is located 40 bytes inside of [ 12.625846] freed 64-byte region [ffff888102736280, ffff8881027362c0) [ 12.626976] [ 12.627229] The buggy address belongs to the physical page: [ 12.627737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102736 [ 12.627986] flags: 0x200000000000000(node=0|zone=2) [ 12.628147] page_type: f5(slab) [ 12.628269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.628627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.629360] page dumped because: kasan: bad access detected [ 12.629539] [ 12.629608] Memory state around the buggy address: [ 12.629965] ffff888102736180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc 
[ 12.630615] ffff888102736200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.631316] >ffff888102736280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.632001] ^ [ 12.632480] ffff888102736300: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.633110] ffff888102736380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.633483] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.579508] ================================================================== [ 12.580432] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 12.580957] Write of size 33 at addr ffff888102add100 by task kunit_try_catch/203 [ 12.581492] [ 12.581703] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.581747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.581758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.581790] Call Trace: [ 12.581801] <TASK> [ 12.581816] dump_stack_lvl+0x73/0xb0 [ 12.581845] print_report+0xd1/0x610 [ 12.581866] ? __virt_addr_valid+0x1db/0x2d0 [ 12.581896] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.581924] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.581945] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.581976] kasan_report+0x141/0x180 [ 12.582018] ? kmalloc_uaf_memset+0x1a3/0x360 [ 12.582065] kasan_check_range+0x10c/0x1c0 [ 12.582087] __asan_memset+0x27/0x50 [ 12.582105] kmalloc_uaf_memset+0x1a3/0x360 [ 12.582124] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.582146] ? __schedule+0x10cc/0x2b60 [ 12.582166] ? __pfx_read_tsc+0x10/0x10 [ 12.582186] ? ktime_get_ts64+0x86/0x230 [ 12.582209] kunit_try_run_case+0x1a5/0x480 [ 12.582232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.582253] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.582274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.582296] ? __kthread_parkme+0x82/0x180 [ 12.582314] ? preempt_count_sub+0x50/0x80 [ 12.582353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.582375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.582397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.582443] kthread+0x337/0x6f0 [ 12.582463] ? trace_preempt_on+0x20/0xc0 [ 12.582484] ? __pfx_kthread+0x10/0x10 [ 12.582503] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.582523] ? calculate_sigpending+0x7b/0xa0 [ 12.582545] ? __pfx_kthread+0x10/0x10 [ 12.582565] ret_from_fork+0x116/0x1d0 [ 12.582581] ? 
__pfx_kthread+0x10/0x10 [ 12.582610] ret_from_fork_asm+0x1a/0x30 [ 12.582639] </TASK> [ 12.582648] [ 12.595165] Allocated by task 203: [ 12.595353] kasan_save_stack+0x45/0x70 [ 12.595558] kasan_save_track+0x18/0x40 [ 12.595752] kasan_save_alloc_info+0x3b/0x50 [ 12.595999] __kasan_kmalloc+0xb7/0xc0 [ 12.596270] __kmalloc_cache_noprof+0x189/0x420 [ 12.596519] kmalloc_uaf_memset+0xa9/0x360 [ 12.596661] kunit_try_run_case+0x1a5/0x480 [ 12.596824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.597007] kthread+0x337/0x6f0 [ 12.597175] ret_from_fork+0x116/0x1d0 [ 12.597359] ret_from_fork_asm+0x1a/0x30 [ 12.597552] [ 12.597645] Freed by task 203: [ 12.597920] kasan_save_stack+0x45/0x70 [ 12.598130] kasan_save_track+0x18/0x40 [ 12.598327] kasan_save_free_info+0x3f/0x60 [ 12.598584] __kasan_slab_free+0x56/0x70 [ 12.598791] kfree+0x222/0x3f0 [ 12.598954] kmalloc_uaf_memset+0x12b/0x360 [ 12.599147] kunit_try_run_case+0x1a5/0x480 [ 12.599319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.599554] kthread+0x337/0x6f0 [ 12.599753] ret_from_fork+0x116/0x1d0 [ 12.599949] ret_from_fork_asm+0x1a/0x30 [ 12.600147] [ 12.600242] The buggy address belongs to the object at ffff888102add100 [ 12.600242] which belongs to the cache kmalloc-64 of size 64 [ 12.600774] The buggy address is located 0 bytes inside of [ 12.600774] freed 64-byte region [ffff888102add100, ffff888102add140) [ 12.601247] [ 12.601409] The buggy address belongs to the physical page: [ 12.601600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 12.601865] flags: 0x200000000000000(node=0|zone=2) [ 12.602039] page_type: f5(slab) [ 12.602158] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.602598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.602972] page dumped because: kasan: bad access detected [ 12.603229] [ 12.603320] Memory state around the buggy address: [ 12.603605] ffff888102add000: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 12.603961] ffff888102add080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.604276] >ffff888102add100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.604633] ^ [ 12.604800] ffff888102add180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.605070] ffff888102add200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.605452] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.545867] ================================================================== [ 12.546406] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 12.546922] Read of size 1 at addr ffff888100fffaa8 by task kunit_try_catch/201 [ 12.547226] [ 12.547346] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.547389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.547400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.547420] Call Trace: [ 12.547431] <TASK> [ 12.547445] dump_stack_lvl+0x73/0xb0 [ 12.547474] print_report+0xd1/0x610 [ 12.547495] ? __virt_addr_valid+0x1db/0x2d0 [ 12.547517] ? kmalloc_uaf+0x320/0x380 [ 12.547535] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.547556] ? kmalloc_uaf+0x320/0x380 [ 12.547574] kasan_report+0x141/0x180 [ 12.547595] ? kmalloc_uaf+0x320/0x380 [ 12.547618] __asan_report_load1_noabort+0x18/0x20 [ 12.547641] kmalloc_uaf+0x320/0x380 [ 12.547659] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.547679] ? __schedule+0x10cc/0x2b60 [ 12.547791] ? __pfx_read_tsc+0x10/0x10 [ 12.547811] ? ktime_get_ts64+0x86/0x230 [ 12.547835] kunit_try_run_case+0x1a5/0x480 [ 12.547859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.547880] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.547902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.547936] ? __kthread_parkme+0x82/0x180 [ 12.547968] ? preempt_count_sub+0x50/0x80 [ 12.547991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.548014] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.548036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.548057] kthread+0x337/0x6f0 [ 12.548076] ? trace_preempt_on+0x20/0xc0 [ 12.548098] ? __pfx_kthread+0x10/0x10 [ 12.548117] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.548137] ? calculate_sigpending+0x7b/0xa0 [ 12.548159] ? __pfx_kthread+0x10/0x10 [ 12.548179] ret_from_fork+0x116/0x1d0 [ 12.548196] ? 
__pfx_kthread+0x10/0x10 [ 12.548215] ret_from_fork_asm+0x1a/0x30 [ 12.548244] </TASK> [ 12.548254] [ 12.560086] Allocated by task 201: [ 12.560259] kasan_save_stack+0x45/0x70 [ 12.560715] kasan_save_track+0x18/0x40 [ 12.561094] kasan_save_alloc_info+0x3b/0x50 [ 12.561287] __kasan_kmalloc+0xb7/0xc0 [ 12.561452] __kmalloc_cache_noprof+0x189/0x420 [ 12.561675] kmalloc_uaf+0xaa/0x380 [ 12.562280] kunit_try_run_case+0x1a5/0x480 [ 12.562646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.563051] kthread+0x337/0x6f0 [ 12.563332] ret_from_fork+0x116/0x1d0 [ 12.563702] ret_from_fork_asm+0x1a/0x30 [ 12.563981] [ 12.564062] Freed by task 201: [ 12.564222] kasan_save_stack+0x45/0x70 [ 12.564699] kasan_save_track+0x18/0x40 [ 12.564870] kasan_save_free_info+0x3f/0x60 [ 12.565250] __kasan_slab_free+0x56/0x70 [ 12.565746] kfree+0x222/0x3f0 [ 12.566035] kmalloc_uaf+0x12c/0x380 [ 12.566424] kunit_try_run_case+0x1a5/0x480 [ 12.566621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.567052] kthread+0x337/0x6f0 [ 12.567334] ret_from_fork+0x116/0x1d0 [ 12.567653] ret_from_fork_asm+0x1a/0x30 [ 12.567998] [ 12.568101] The buggy address belongs to the object at ffff888100fffaa0 [ 12.568101] which belongs to the cache kmalloc-16 of size 16 [ 12.568948] The buggy address is located 8 bytes inside of [ 12.568948] freed 16-byte region [ffff888100fffaa0, ffff888100fffab0) [ 12.569874] [ 12.570107] The buggy address belongs to the physical page: [ 12.570525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 12.571079] flags: 0x200000000000000(node=0|zone=2) [ 12.571263] page_type: f5(slab) [ 12.571700] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.572260] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.572839] page dumped because: kasan: bad access detected [ 12.573174] [ 12.573276] Memory state around the buggy address: [ 12.573867] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 
12.574300] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 12.574651] >ffff888100fffa80: 00 05 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.575229] ^ [ 12.575682] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.576128] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.576662] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.518842] ================================================================== [ 12.520353] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.521030] Read of size 64 at addr ffff888102ad3f84 by task kunit_try_catch/199 [ 12.521875] [ 12.522034] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.522104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.522116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.522136] Call Trace: [ 12.522148] <TASK> [ 12.522161] dump_stack_lvl+0x73/0xb0 [ 12.522190] print_report+0xd1/0x610 [ 12.522210] ? __virt_addr_valid+0x1db/0x2d0 [ 12.522231] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.522254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.522274] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.522297] kasan_report+0x141/0x180 [ 12.522317] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.522345] kasan_check_range+0x10c/0x1c0 [ 12.522368] __asan_memmove+0x27/0x70 [ 12.522386] kmalloc_memmove_invalid_size+0x16f/0x330 [ 12.522409] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.522435] ? __schedule+0x10cc/0x2b60 [ 12.522456] ? __pfx_read_tsc+0x10/0x10 [ 12.522476] ? ktime_get_ts64+0x86/0x230 [ 12.522502] kunit_try_run_case+0x1a5/0x480 [ 12.522524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.522545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.522568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.522590] ? __kthread_parkme+0x82/0x180 [ 12.522608] ? preempt_count_sub+0x50/0x80 [ 12.522631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.522653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.522675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.522717] kthread+0x337/0x6f0 [ 12.522736] ? trace_preempt_on+0x20/0xc0 [ 12.522757] ? __pfx_kthread+0x10/0x10 [ 12.522776] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.522796] ? calculate_sigpending+0x7b/0xa0 [ 12.522817] ? 
__pfx_kthread+0x10/0x10 [ 12.522837] ret_from_fork+0x116/0x1d0 [ 12.522854] ? __pfx_kthread+0x10/0x10 [ 12.522873] ret_from_fork_asm+0x1a/0x30 [ 12.522902] </TASK> [ 12.522922] [ 12.532477] Allocated by task 199: [ 12.532681] kasan_save_stack+0x45/0x70 [ 12.532868] kasan_save_track+0x18/0x40 [ 12.533051] kasan_save_alloc_info+0x3b/0x50 [ 12.533198] __kasan_kmalloc+0xb7/0xc0 [ 12.533330] __kmalloc_cache_noprof+0x189/0x420 [ 12.533626] kmalloc_memmove_invalid_size+0xac/0x330 [ 12.533999] kunit_try_run_case+0x1a5/0x480 [ 12.534250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.534637] kthread+0x337/0x6f0 [ 12.534758] ret_from_fork+0x116/0x1d0 [ 12.534890] ret_from_fork_asm+0x1a/0x30 [ 12.535245] [ 12.535373] The buggy address belongs to the object at ffff888102ad3f80 [ 12.535373] which belongs to the cache kmalloc-64 of size 64 [ 12.536287] The buggy address is located 4 bytes inside of [ 12.536287] allocated 64-byte region [ffff888102ad3f80, ffff888102ad3fc0) [ 12.536979] [ 12.537203] The buggy address belongs to the physical page: [ 12.537563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad3 [ 12.537959] flags: 0x200000000000000(node=0|zone=2) [ 12.538151] page_type: f5(slab) [ 12.538272] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.538798] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.539229] page dumped because: kasan: bad access detected [ 12.539403] [ 12.539471] Memory state around the buggy address: [ 12.539681] ffff888102ad3e80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 12.540081] ffff888102ad3f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.540771] >ffff888102ad3f80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.541045] ^ [ 12.541329] ffff888102ad4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.541582] ffff888102ad4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.542172] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.485514] ================================================================== [ 12.486692] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 12.487770] Read of size 18446744073709551614 at addr ffff888102736004 by task kunit_try_catch/197 [ 12.488244] [ 12.488341] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.488745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.488757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.488778] Call Trace: [ 12.488790] <TASK> [ 12.488807] dump_stack_lvl+0x73/0xb0 [ 12.488847] print_report+0xd1/0x610 [ 12.488868] ? __virt_addr_valid+0x1db/0x2d0 [ 12.488889] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.488920] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.488941] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.488987] kasan_report+0x141/0x180 [ 12.489008] ? kmalloc_memmove_negative_size+0x171/0x330 [ 12.489036] kasan_check_range+0x10c/0x1c0 [ 12.489058] __asan_memmove+0x27/0x70 [ 12.489077] kmalloc_memmove_negative_size+0x171/0x330 [ 12.489100] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.489124] ? __schedule+0x10cc/0x2b60 [ 12.489145] ? __pfx_read_tsc+0x10/0x10 [ 12.489164] ? ktime_get_ts64+0x86/0x230 [ 12.489187] kunit_try_run_case+0x1a5/0x480 [ 12.489209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.489230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.489251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.489273] ? __kthread_parkme+0x82/0x180 [ 12.489292] ? preempt_count_sub+0x50/0x80 [ 12.489314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.489336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.489391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.489413] kthread+0x337/0x6f0 [ 12.489432] ? trace_preempt_on+0x20/0xc0 [ 12.489454] ? __pfx_kthread+0x10/0x10 [ 12.489473] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.489492] ? calculate_sigpending+0x7b/0xa0 [ 12.489514] ? 
__pfx_kthread+0x10/0x10 [ 12.489534] ret_from_fork+0x116/0x1d0 [ 12.489551] ? __pfx_kthread+0x10/0x10 [ 12.489570] ret_from_fork_asm+0x1a/0x30 [ 12.489599] </TASK> [ 12.489609] [ 12.503167] Allocated by task 197: [ 12.503489] kasan_save_stack+0x45/0x70 [ 12.504072] kasan_save_track+0x18/0x40 [ 12.504579] kasan_save_alloc_info+0x3b/0x50 [ 12.504760] __kasan_kmalloc+0xb7/0xc0 [ 12.505108] __kmalloc_cache_noprof+0x189/0x420 [ 12.505587] kmalloc_memmove_negative_size+0xac/0x330 [ 12.505948] kunit_try_run_case+0x1a5/0x480 [ 12.506092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.506259] kthread+0x337/0x6f0 [ 12.506463] ret_from_fork+0x116/0x1d0 [ 12.506836] ret_from_fork_asm+0x1a/0x30 [ 12.507263] [ 12.507442] The buggy address belongs to the object at ffff888102736000 [ 12.507442] which belongs to the cache kmalloc-64 of size 64 [ 12.508659] The buggy address is located 4 bytes inside of [ 12.508659] 64-byte region [ffff888102736000, ffff888102736040) [ 12.509323] [ 12.509573] The buggy address belongs to the physical page: [ 12.510158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102736 [ 12.510679] flags: 0x200000000000000(node=0|zone=2) [ 12.510847] page_type: f5(slab) [ 12.510980] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.511208] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.511662] page dumped because: kasan: bad access detected [ 12.512214] [ 12.512426] Memory state around the buggy address: [ 12.512941] ffff888102735f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.513673] ffff888102735f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.514298] >ffff888102736000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.515011] ^ [ 12.515375] ffff888102736080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.516125] ffff888102736100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.516343] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.458231] ================================================================== [ 12.459503] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 12.460142] Write of size 16 at addr ffff888102ad4469 by task kunit_try_catch/195 [ 12.460465] [ 12.460580] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.460626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.460637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.460659] Call Trace: [ 12.460672] <TASK> [ 12.460690] dump_stack_lvl+0x73/0xb0 [ 12.460721] print_report+0xd1/0x610 [ 12.460742] ? __virt_addr_valid+0x1db/0x2d0 [ 12.460764] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.460784] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.460805] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.460826] kasan_report+0x141/0x180 [ 12.460846] ? kmalloc_oob_memset_16+0x166/0x330 [ 12.460871] kasan_check_range+0x10c/0x1c0 [ 12.460892] __asan_memset+0x27/0x50 [ 12.460921] kmalloc_oob_memset_16+0x166/0x330 [ 12.460942] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.460963] ? __schedule+0x10cc/0x2b60 [ 12.460985] ? __pfx_read_tsc+0x10/0x10 [ 12.461004] ? ktime_get_ts64+0x86/0x230 [ 12.461029] kunit_try_run_case+0x1a5/0x480 [ 12.461138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.461200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.461247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.461285] ? __kthread_parkme+0x82/0x180 [ 12.461305] ? preempt_count_sub+0x50/0x80 [ 12.461328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.461369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.461392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.461414] kthread+0x337/0x6f0 [ 12.461432] ? trace_preempt_on+0x20/0xc0 [ 12.461454] ? __pfx_kthread+0x10/0x10 [ 12.461474] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.461494] ? calculate_sigpending+0x7b/0xa0 [ 12.461517] ? __pfx_kthread+0x10/0x10 [ 12.461537] ret_from_fork+0x116/0x1d0 [ 12.461557] ? 
__pfx_kthread+0x10/0x10 [ 12.461611] ret_from_fork_asm+0x1a/0x30 [ 12.461641] </TASK> [ 12.461652] [ 12.470404] Allocated by task 195: [ 12.470591] kasan_save_stack+0x45/0x70 [ 12.470781] kasan_save_track+0x18/0x40 [ 12.470967] kasan_save_alloc_info+0x3b/0x50 [ 12.471179] __kasan_kmalloc+0xb7/0xc0 [ 12.471342] __kmalloc_cache_noprof+0x189/0x420 [ 12.471690] kmalloc_oob_memset_16+0xac/0x330 [ 12.471841] kunit_try_run_case+0x1a5/0x480 [ 12.471993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.472461] kthread+0x337/0x6f0 [ 12.472832] ret_from_fork+0x116/0x1d0 [ 12.473231] ret_from_fork_asm+0x1a/0x30 [ 12.473917] [ 12.474115] The buggy address belongs to the object at ffff888102ad4400 [ 12.474115] which belongs to the cache kmalloc-128 of size 128 [ 12.474879] The buggy address is located 105 bytes inside of [ 12.474879] allocated 120-byte region [ffff888102ad4400, ffff888102ad4478) [ 12.475652] [ 12.475752] The buggy address belongs to the physical page: [ 12.476068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.476815] flags: 0x200000000000000(node=0|zone=2) [ 12.476995] page_type: f5(slab) [ 12.477115] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.477347] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.477696] page dumped because: kasan: bad access detected [ 12.477954] [ 12.478024] Memory state around the buggy address: [ 12.478599] ffff888102ad4300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.479326] ffff888102ad4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.479895] >ffff888102ad4400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.480295] ^ [ 12.480781] ffff888102ad4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481093] ffff888102ad4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481421] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.424699] ================================================================== [ 12.425343] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 12.426047] Write of size 8 at addr ffff88810272b871 by task kunit_try_catch/193 [ 12.426289] [ 12.426512] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.426558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.426569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.426589] Call Trace: [ 12.426602] <TASK> [ 12.426616] dump_stack_lvl+0x73/0xb0 [ 12.426677] print_report+0xd1/0x610 [ 12.426931] ? __virt_addr_valid+0x1db/0x2d0 [ 12.426955] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.426975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.427007] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.427028] kasan_report+0x141/0x180 [ 12.427049] ? kmalloc_oob_memset_8+0x166/0x330 [ 12.427196] kasan_check_range+0x10c/0x1c0 [ 12.427224] __asan_memset+0x27/0x50 [ 12.427417] kmalloc_oob_memset_8+0x166/0x330 [ 12.427449] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.427472] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.427497] kunit_try_run_case+0x1a5/0x480 [ 12.427519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.427540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.427563] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.427584] ? __kthread_parkme+0x82/0x180 [ 12.427602] ? preempt_count_sub+0x50/0x80 [ 12.427625] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.427647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.427668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.427690] kthread+0x337/0x6f0 [ 12.427708] ? trace_preempt_on+0x20/0xc0 [ 12.427730] ? __pfx_kthread+0x10/0x10 [ 12.427749] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.427768] ? calculate_sigpending+0x7b/0xa0 [ 12.427790] ? __pfx_kthread+0x10/0x10 [ 12.427810] ret_from_fork+0x116/0x1d0 [ 12.427827] ? 
__pfx_kthread+0x10/0x10 [ 12.427846] ret_from_fork_asm+0x1a/0x30 [ 12.427874] </TASK> [ 12.427883] [ 12.443150] Allocated by task 193: [ 12.443639] kasan_save_stack+0x45/0x70 [ 12.443804] kasan_save_track+0x18/0x40 [ 12.444032] kasan_save_alloc_info+0x3b/0x50 [ 12.444697] __kasan_kmalloc+0xb7/0xc0 [ 12.445113] __kmalloc_cache_noprof+0x189/0x420 [ 12.445703] kmalloc_oob_memset_8+0xac/0x330 [ 12.445863] kunit_try_run_case+0x1a5/0x480 [ 12.446266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.446806] kthread+0x337/0x6f0 [ 12.446994] ret_from_fork+0x116/0x1d0 [ 12.447156] ret_from_fork_asm+0x1a/0x30 [ 12.447302] [ 12.447393] The buggy address belongs to the object at ffff88810272b800 [ 12.447393] which belongs to the cache kmalloc-128 of size 128 [ 12.447751] The buggy address is located 113 bytes inside of [ 12.447751] allocated 120-byte region [ffff88810272b800, ffff88810272b878) [ 12.448874] [ 12.449053] The buggy address belongs to the physical page: [ 12.449626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.450389] flags: 0x200000000000000(node=0|zone=2) [ 12.450927] page_type: f5(slab) [ 12.451237] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.451488] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.451970] page dumped because: kasan: bad access detected [ 12.452571] [ 12.452648] Memory state around the buggy address: [ 12.452834] ffff88810272b700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.453053] ffff88810272b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.453269] >ffff88810272b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.453726] ^ [ 12.454314] ffff88810272b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.454572] ffff88810272b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.454808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.389853] ================================================================== [ 12.390307] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 12.391325] Write of size 4 at addr ffff888102ad4375 by task kunit_try_catch/191 [ 12.392345] [ 12.392691] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.392750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.392762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.392782] Call Trace: [ 12.392794] <TASK> [ 12.392810] dump_stack_lvl+0x73/0xb0 [ 12.392841] print_report+0xd1/0x610 [ 12.392862] ? __virt_addr_valid+0x1db/0x2d0 [ 12.392884] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.392917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.392939] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.392960] kasan_report+0x141/0x180 [ 12.392981] ? kmalloc_oob_memset_4+0x166/0x330 [ 12.393006] kasan_check_range+0x10c/0x1c0 [ 12.393027] __asan_memset+0x27/0x50 [ 12.393045] kmalloc_oob_memset_4+0x166/0x330 [ 12.393066] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.393087] ? __schedule+0x10cc/0x2b60 [ 12.393109] ? __pfx_read_tsc+0x10/0x10 [ 12.393128] ? ktime_get_ts64+0x86/0x230 [ 12.393152] kunit_try_run_case+0x1a5/0x480 [ 12.393175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.393196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.393218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.393240] ? __kthread_parkme+0x82/0x180 [ 12.393259] ? preempt_count_sub+0x50/0x80 [ 12.393282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.393304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.393325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.393347] kthread+0x337/0x6f0 [ 12.393365] ? trace_preempt_on+0x20/0xc0 [ 12.393387] ? __pfx_kthread+0x10/0x10 [ 12.393406] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.393425] ? calculate_sigpending+0x7b/0xa0 [ 12.393448] ? __pfx_kthread+0x10/0x10 [ 12.393468] ret_from_fork+0x116/0x1d0 [ 12.393485] ? 
__pfx_kthread+0x10/0x10 [ 12.393504] ret_from_fork_asm+0x1a/0x30 [ 12.393534] </TASK> [ 12.393545] [ 12.406329] Allocated by task 191: [ 12.406755] kasan_save_stack+0x45/0x70 [ 12.407084] kasan_save_track+0x18/0x40 [ 12.407223] kasan_save_alloc_info+0x3b/0x50 [ 12.407472] __kasan_kmalloc+0xb7/0xc0 [ 12.407864] __kmalloc_cache_noprof+0x189/0x420 [ 12.408325] kmalloc_oob_memset_4+0xac/0x330 [ 12.408829] kunit_try_run_case+0x1a5/0x480 [ 12.409285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.409597] kthread+0x337/0x6f0 [ 12.409748] ret_from_fork+0x116/0x1d0 [ 12.410114] ret_from_fork_asm+0x1a/0x30 [ 12.410533] [ 12.410717] The buggy address belongs to the object at ffff888102ad4300 [ 12.410717] which belongs to the cache kmalloc-128 of size 128 [ 12.411387] The buggy address is located 117 bytes inside of [ 12.411387] allocated 120-byte region [ffff888102ad4300, ffff888102ad4378) [ 12.412660] [ 12.412828] The buggy address belongs to the physical page: [ 12.413166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4 [ 12.413597] flags: 0x200000000000000(node=0|zone=2) [ 12.414135] page_type: f5(slab) [ 12.414547] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.415236] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.415963] page dumped because: kasan: bad access detected [ 12.416142] [ 12.416211] Memory state around the buggy address: [ 12.416438] ffff888102ad4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.417120] ffff888102ad4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.418015] >ffff888102ad4300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.418789] ^ [ 12.419026] ffff888102ad4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.419245] ffff888102ad4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.419487] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.358873] ================================================================== [ 12.359324] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 12.359571] Write of size 2 at addr ffff88810272b777 by task kunit_try_catch/189 [ 12.359796] [ 12.359880] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.359932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.359943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.359962] Call Trace: [ 12.359973] <TASK> [ 12.359986] dump_stack_lvl+0x73/0xb0 [ 12.360012] print_report+0xd1/0x610 [ 12.360033] ? __virt_addr_valid+0x1db/0x2d0 [ 12.360053] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.360073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.360093] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.360114] kasan_report+0x141/0x180 [ 12.360134] ? kmalloc_oob_memset_2+0x166/0x330 [ 12.360158] kasan_check_range+0x10c/0x1c0 [ 12.360180] __asan_memset+0x27/0x50 [ 12.360197] kmalloc_oob_memset_2+0x166/0x330 [ 12.360218] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.360239] ? __schedule+0x10cc/0x2b60 [ 12.360259] ? __pfx_read_tsc+0x10/0x10 [ 12.360278] ? ktime_get_ts64+0x86/0x230 [ 12.360301] kunit_try_run_case+0x1a5/0x480 [ 12.360323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.360344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.360365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.360387] ? __kthread_parkme+0x82/0x180 [ 12.360405] ? preempt_count_sub+0x50/0x80 [ 12.360426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.360448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.360469] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.360491] kthread+0x337/0x6f0 [ 12.360508] ? trace_preempt_on+0x20/0xc0 [ 12.360529] ? __pfx_kthread+0x10/0x10 [ 12.360548] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.360567] ? calculate_sigpending+0x7b/0xa0 [ 12.360589] ? __pfx_kthread+0x10/0x10 [ 12.360608] ret_from_fork+0x116/0x1d0 [ 12.360625] ? 
__pfx_kthread+0x10/0x10 [ 12.360643] ret_from_fork_asm+0x1a/0x30 [ 12.360672] </TASK> [ 12.360681] [ 12.374976] Allocated by task 189: [ 12.375124] kasan_save_stack+0x45/0x70 [ 12.375270] kasan_save_track+0x18/0x40 [ 12.375552] kasan_save_alloc_info+0x3b/0x50 [ 12.375958] __kasan_kmalloc+0xb7/0xc0 [ 12.376385] __kmalloc_cache_noprof+0x189/0x420 [ 12.376757] kmalloc_oob_memset_2+0xac/0x330 [ 12.376944] kunit_try_run_case+0x1a5/0x480 [ 12.377094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.377264] kthread+0x337/0x6f0 [ 12.377446] ret_from_fork+0x116/0x1d0 [ 12.377739] ret_from_fork_asm+0x1a/0x30 [ 12.378043] [ 12.378181] The buggy address belongs to the object at ffff88810272b700 [ 12.378181] which belongs to the cache kmalloc-128 of size 128 [ 12.378919] The buggy address is located 119 bytes inside of [ 12.378919] allocated 120-byte region [ffff88810272b700, ffff88810272b778) [ 12.379585] [ 12.379810] The buggy address belongs to the physical page: [ 12.380073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.380458] flags: 0x200000000000000(node=0|zone=2) [ 12.380775] page_type: f5(slab) [ 12.380970] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.381332] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.381796] page dumped because: kasan: bad access detected [ 12.382083] [ 12.382190] Memory state around the buggy address: [ 12.382535] ffff88810272b600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.382887] ffff88810272b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.383224] >ffff88810272b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.383743] ^ [ 12.384060] ffff88810272b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.384469] ffff88810272b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.384870] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.327118] ================================================================== [ 12.328316] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 12.329169] Write of size 128 at addr ffff88810272b600 by task kunit_try_catch/187 [ 12.330322] [ 12.330515] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.330560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.330571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.330591] Call Trace: [ 12.330603] <TASK> [ 12.330619] dump_stack_lvl+0x73/0xb0 [ 12.330650] print_report+0xd1/0x610 [ 12.330881] ? __virt_addr_valid+0x1db/0x2d0 [ 12.330944] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.330965] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.331025] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.331049] kasan_report+0x141/0x180 [ 12.331109] ? kmalloc_oob_in_memset+0x15f/0x320 [ 12.331153] kasan_check_range+0x10c/0x1c0 [ 12.331175] __asan_memset+0x27/0x50 [ 12.331194] kmalloc_oob_in_memset+0x15f/0x320 [ 12.331216] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.331238] ? __schedule+0x10cc/0x2b60 [ 12.331261] ? __pfx_read_tsc+0x10/0x10 [ 12.331282] ? ktime_get_ts64+0x86/0x230 [ 12.331306] kunit_try_run_case+0x1a5/0x480 [ 12.331347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.331369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.331390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.331412] ? __kthread_parkme+0x82/0x180 [ 12.331431] ? preempt_count_sub+0x50/0x80 [ 12.331454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.331476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.331498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.331519] kthread+0x337/0x6f0 [ 12.331537] ? trace_preempt_on+0x20/0xc0 [ 12.331560] ? __pfx_kthread+0x10/0x10 [ 12.331579] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.331599] ? calculate_sigpending+0x7b/0xa0 [ 12.331621] ? __pfx_kthread+0x10/0x10 [ 12.331642] ret_from_fork+0x116/0x1d0 [ 12.331659] ? 
__pfx_kthread+0x10/0x10 [ 12.331693] ret_from_fork_asm+0x1a/0x30 [ 12.331722] </TASK> [ 12.331733] [ 12.344916] Allocated by task 187: [ 12.345110] kasan_save_stack+0x45/0x70 [ 12.345289] kasan_save_track+0x18/0x40 [ 12.345801] kasan_save_alloc_info+0x3b/0x50 [ 12.345991] __kasan_kmalloc+0xb7/0xc0 [ 12.346373] __kmalloc_cache_noprof+0x189/0x420 [ 12.346887] kmalloc_oob_in_memset+0xac/0x320 [ 12.347127] kunit_try_run_case+0x1a5/0x480 [ 12.347337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.348034] kthread+0x337/0x6f0 [ 12.348196] ret_from_fork+0x116/0x1d0 [ 12.348524] ret_from_fork_asm+0x1a/0x30 [ 12.348890] [ 12.349118] The buggy address belongs to the object at ffff88810272b600 [ 12.349118] which belongs to the cache kmalloc-128 of size 128 [ 12.349727] The buggy address is located 0 bytes inside of [ 12.349727] allocated 120-byte region [ffff88810272b600, ffff88810272b678) [ 12.350308] [ 12.350853] The buggy address belongs to the physical page: [ 12.351116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10272b [ 12.351661] flags: 0x200000000000000(node=0|zone=2) [ 12.352013] page_type: f5(slab) [ 12.352390] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.352758] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.353195] page dumped because: kasan: bad access detected [ 12.353598] [ 12.353822] Memory state around the buggy address: [ 12.354035] ffff88810272b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.354636] ffff88810272b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.354948] >ffff88810272b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.355288] ^ [ 12.355639] ffff88810272b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.355920] ffff88810272b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.356397] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.298805] ================================================================== [ 12.299802] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 12.300192] Read of size 16 at addr ffff888101d1f540 by task kunit_try_catch/185 [ 12.300895] [ 12.301175] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.301223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.301234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.301253] Call Trace: [ 12.301266] <TASK> [ 12.301279] dump_stack_lvl+0x73/0xb0 [ 12.301318] print_report+0xd1/0x610 [ 12.301340] ? __virt_addr_valid+0x1db/0x2d0 [ 12.301361] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.301392] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.301412] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.301432] kasan_report+0x141/0x180 [ 12.301452] ? kmalloc_uaf_16+0x47b/0x4c0 [ 12.301476] __asan_report_load16_noabort+0x18/0x20 [ 12.301498] kmalloc_uaf_16+0x47b/0x4c0 [ 12.301517] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.301540] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.301563] kunit_try_run_case+0x1a5/0x480 [ 12.301585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.301606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.301629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.301650] ? __kthread_parkme+0x82/0x180 [ 12.301669] ? preempt_count_sub+0x50/0x80 [ 12.301751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.301775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.301797] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.301819] kthread+0x337/0x6f0 [ 12.301838] ? trace_preempt_on+0x20/0xc0 [ 12.301860] ? __pfx_kthread+0x10/0x10 [ 12.301880] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.301900] ? calculate_sigpending+0x7b/0xa0 [ 12.301932] ? __pfx_kthread+0x10/0x10 [ 12.301952] ret_from_fork+0x116/0x1d0 [ 12.301969] ? 
__pfx_kthread+0x10/0x10 [ 12.301988] ret_from_fork_asm+0x1a/0x30 [ 12.302016] </TASK> [ 12.302026] [ 12.309152] Allocated by task 185: [ 12.309334] kasan_save_stack+0x45/0x70 [ 12.309492] kasan_save_track+0x18/0x40 [ 12.309685] kasan_save_alloc_info+0x3b/0x50 [ 12.309896] __kasan_kmalloc+0xb7/0xc0 [ 12.310040] __kmalloc_cache_noprof+0x189/0x420 [ 12.310196] kmalloc_uaf_16+0x15b/0x4c0 [ 12.310331] kunit_try_run_case+0x1a5/0x480 [ 12.310474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.310711] kthread+0x337/0x6f0 [ 12.311026] ret_from_fork+0x116/0x1d0 [ 12.311227] ret_from_fork_asm+0x1a/0x30 [ 12.311426] [ 12.311527] Freed by task 185: [ 12.311679] kasan_save_stack+0x45/0x70 [ 12.311884] kasan_save_track+0x18/0x40 [ 12.312029] kasan_save_free_info+0x3f/0x60 [ 12.312173] __kasan_slab_free+0x56/0x70 [ 12.312602] kfree+0x222/0x3f0 [ 12.312928] kmalloc_uaf_16+0x1d6/0x4c0 [ 12.313128] kunit_try_run_case+0x1a5/0x480 [ 12.313341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.313604] kthread+0x337/0x6f0 [ 12.313810] ret_from_fork+0x116/0x1d0 [ 12.313982] ret_from_fork_asm+0x1a/0x30 [ 12.314119] [ 12.314212] The buggy address belongs to the object at ffff888101d1f540 [ 12.314212] which belongs to the cache kmalloc-16 of size 16 [ 12.314775] The buggy address is located 0 bytes inside of [ 12.314775] freed 16-byte region [ffff888101d1f540, ffff888101d1f550) [ 12.315190] [ 12.315264] The buggy address belongs to the physical page: [ 12.315437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d1f [ 12.315675] flags: 0x200000000000000(node=0|zone=2) [ 12.315914] page_type: f5(slab) [ 12.316077] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.316416] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.316783] page dumped because: kasan: bad access detected [ 12.317469] [ 12.317579] Memory state around the buggy address: [ 12.317827] ffff888101d1f400: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc 
fc [ 12.318081] ffff888101d1f480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.318404] >ffff888101d1f500: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 12.318716] ^ [ 12.318927] ffff888101d1f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.319212] ffff888101d1f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.319488] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.273960] ================================================================== [ 12.274481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 12.274778] Write of size 16 at addr ffff888101d1f4e0 by task kunit_try_catch/183 [ 12.275115] [ 12.275239] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.275283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.275294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.275313] Call Trace: [ 12.275325] <TASK> [ 12.275340] dump_stack_lvl+0x73/0xb0 [ 12.275418] print_report+0xd1/0x610 [ 12.275441] ? __virt_addr_valid+0x1db/0x2d0 [ 12.275462] ? kmalloc_oob_16+0x452/0x4a0 [ 12.275481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.275501] ? kmalloc_oob_16+0x452/0x4a0 [ 12.275521] kasan_report+0x141/0x180 [ 12.275541] ? kmalloc_oob_16+0x452/0x4a0 [ 12.275565] __asan_report_store16_noabort+0x1b/0x30 [ 12.275588] kmalloc_oob_16+0x452/0x4a0 [ 12.275608] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.275629] ? __pfx_queued_spin_lock_slowpath+0x10/0x10 [ 12.275653] ? __pfx_read_tsc+0x10/0x10 [ 12.275672] ? ktime_get_ts64+0x86/0x230 [ 12.275705] kunit_try_run_case+0x1a5/0x480 [ 12.275727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.275748] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 12.275769] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.275790] ? __kthread_parkme+0x82/0x180 [ 12.275809] ? preempt_count_sub+0x50/0x80 [ 12.275831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.275853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.275876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.275897] kthread+0x337/0x6f0 [ 12.275929] ? trace_preempt_on+0x20/0xc0 [ 12.275950] ? __pfx_kthread+0x10/0x10 [ 12.275969] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.275989] ? calculate_sigpending+0x7b/0xa0 [ 12.276011] ? __pfx_kthread+0x10/0x10 [ 12.276031] ret_from_fork+0x116/0x1d0 [ 12.276048] ? 
__pfx_kthread+0x10/0x10 [ 12.276067] ret_from_fork_asm+0x1a/0x30 [ 12.276096] </TASK> [ 12.276106] [ 12.283347] Allocated by task 183: [ 12.283511] kasan_save_stack+0x45/0x70 [ 12.283736] kasan_save_track+0x18/0x40 [ 12.283891] kasan_save_alloc_info+0x3b/0x50 [ 12.284051] __kasan_kmalloc+0xb7/0xc0 [ 12.284182] __kmalloc_cache_noprof+0x189/0x420 [ 12.284349] kmalloc_oob_16+0xa8/0x4a0 [ 12.284573] kunit_try_run_case+0x1a5/0x480 [ 12.284870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.285129] kthread+0x337/0x6f0 [ 12.285297] ret_from_fork+0x116/0x1d0 [ 12.285477] ret_from_fork_asm+0x1a/0x30 [ 12.285620] [ 12.285691] The buggy address belongs to the object at ffff888101d1f4e0 [ 12.285691] which belongs to the cache kmalloc-16 of size 16 [ 12.286110] The buggy address is located 0 bytes inside of [ 12.286110] allocated 13-byte region [ffff888101d1f4e0, ffff888101d1f4ed) [ 12.286676] [ 12.286966] The buggy address belongs to the physical page: [ 12.287207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d1f [ 12.288554] flags: 0x200000000000000(node=0|zone=2) [ 12.288866] page_type: f5(slab) [ 12.289006] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.289301] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.290169] page dumped because: kasan: bad access detected [ 12.290707] [ 12.290820] Memory state around the buggy address: [ 12.291275] ffff888101d1f380: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 12.291736] ffff888101d1f400: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.292275] >ffff888101d1f480: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.292778] ^ [ 12.293068] ffff888101d1f500: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.293657] ffff888101d1f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.294259] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.245796] ================================================================== [ 12.246154] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 12.246494] Read of size 1 at addr ffff888102b91800 by task kunit_try_catch/181 [ 12.246818] [ 12.246938] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.246978] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.246989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.247009] Call Trace: [ 12.247020] <TASK> [ 12.247034] dump_stack_lvl+0x73/0xb0 [ 12.247067] print_report+0xd1/0x610 [ 12.247088] ? __virt_addr_valid+0x1db/0x2d0 [ 12.247109] ? krealloc_uaf+0x53c/0x5e0 [ 12.247129] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.247149] ? krealloc_uaf+0x53c/0x5e0 [ 12.247169] kasan_report+0x141/0x180 [ 12.247190] ? krealloc_uaf+0x53c/0x5e0 [ 12.247214] __asan_report_load1_noabort+0x18/0x20 [ 12.247237] krealloc_uaf+0x53c/0x5e0 [ 12.247257] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.247276] ? finish_task_switch.isra.0+0x153/0x700 [ 12.247298] ? __switch_to+0x47/0xf50 [ 12.247322] ? __schedule+0x10cc/0x2b60 [ 12.247343] ? __pfx_read_tsc+0x10/0x10 [ 12.247363] ? ktime_get_ts64+0x86/0x230 [ 12.247386] kunit_try_run_case+0x1a5/0x480 [ 12.247408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.247429] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.247451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.247473] ? __kthread_parkme+0x82/0x180 [ 12.247491] ? preempt_count_sub+0x50/0x80 [ 12.247512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.247535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.247556] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.247579] kthread+0x337/0x6f0 [ 12.247597] ? trace_preempt_on+0x20/0xc0 [ 12.247619] ? __pfx_kthread+0x10/0x10 [ 12.247638] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.247657] ? calculate_sigpending+0x7b/0xa0 [ 12.247680] ? __pfx_kthread+0x10/0x10 [ 12.247700] ret_from_fork+0x116/0x1d0 [ 12.247717] ? 
__pfx_kthread+0x10/0x10 [ 12.247736] ret_from_fork_asm+0x1a/0x30 [ 12.247765] </TASK> [ 12.247774] [ 12.255855] Allocated by task 181: [ 12.256029] kasan_save_stack+0x45/0x70 [ 12.256208] kasan_save_track+0x18/0x40 [ 12.256343] kasan_save_alloc_info+0x3b/0x50 [ 12.256492] __kasan_kmalloc+0xb7/0xc0 [ 12.256634] __kmalloc_cache_noprof+0x189/0x420 [ 12.256894] krealloc_uaf+0xbb/0x5e0 [ 12.257094] kunit_try_run_case+0x1a5/0x480 [ 12.257299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.257485] kthread+0x337/0x6f0 [ 12.257605] ret_from_fork+0x116/0x1d0 [ 12.258035] ret_from_fork_asm+0x1a/0x30 [ 12.258251] [ 12.258353] Freed by task 181: [ 12.258577] kasan_save_stack+0x45/0x70 [ 12.258817] kasan_save_track+0x18/0x40 [ 12.258992] kasan_save_free_info+0x3f/0x60 [ 12.259160] __kasan_slab_free+0x56/0x70 [ 12.259355] kfree+0x222/0x3f0 [ 12.259597] krealloc_uaf+0x13d/0x5e0 [ 12.259828] kunit_try_run_case+0x1a5/0x480 [ 12.260037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.260282] kthread+0x337/0x6f0 [ 12.260492] ret_from_fork+0x116/0x1d0 [ 12.260674] ret_from_fork_asm+0x1a/0x30 [ 12.260847] [ 12.260930] The buggy address belongs to the object at ffff888102b91800 [ 12.260930] which belongs to the cache kmalloc-256 of size 256 [ 12.261603] The buggy address is located 0 bytes inside of [ 12.261603] freed 256-byte region [ffff888102b91800, ffff888102b91900) [ 12.262069] [ 12.262141] The buggy address belongs to the physical page: [ 12.262316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 12.262566] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.262802] flags: 0x200000000000040(head|node=0|zone=2) [ 12.263041] page_type: f5(slab) [ 12.263274] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.264059] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.264489] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.264719] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.264961] head: 0200000000000001 ffffea00040ae401 00000000ffffffff 00000000ffffffff [ 12.265192] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.266067] page dumped because: kasan: bad access detected [ 12.266336] [ 12.266430] Memory state around the buggy address: [ 12.266661] ffff888102b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.267062] ffff888102b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.267458] >ffff888102b91800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.267824] ^ [ 12.268008] ffff888102b91880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.268246] ffff888102b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.268579] ================================================================== [ 12.208489] ================================================================== [ 12.208944] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 12.209222] Read of size 1 at addr ffff888102b91800 by task kunit_try_catch/181 [ 12.209750] [ 12.209933] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.209979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.209991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.210011] Call Trace: [ 12.210023] <TASK> [ 12.210038] dump_stack_lvl+0x73/0xb0 [ 12.210069] print_report+0xd1/0x610 [ 12.210090] ? __virt_addr_valid+0x1db/0x2d0 [ 12.210112] ? krealloc_uaf+0x1b8/0x5e0 [ 12.210132] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.210153] ? krealloc_uaf+0x1b8/0x5e0 [ 12.210173] kasan_report+0x141/0x180 [ 12.210193] ? krealloc_uaf+0x1b8/0x5e0 [ 12.210216] ? krealloc_uaf+0x1b8/0x5e0 [ 12.210236] __kasan_check_byte+0x3d/0x50 [ 12.210256] krealloc_noprof+0x3f/0x340 [ 12.210274] ? stack_depot_save_flags+0x48b/0x840 [ 12.210299] krealloc_uaf+0x1b8/0x5e0 [ 12.210319] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 12.210338] ? finish_task_switch.isra.0+0x153/0x700 [ 12.210360] ? __switch_to+0x47/0xf50 [ 12.210384] ? __schedule+0x10cc/0x2b60 [ 12.210419] ? __pfx_read_tsc+0x10/0x10 [ 12.210438] ? ktime_get_ts64+0x86/0x230 [ 12.210461] kunit_try_run_case+0x1a5/0x480 [ 12.210485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.210506] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.210528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.210550] ? __kthread_parkme+0x82/0x180 [ 12.210569] ? preempt_count_sub+0x50/0x80 [ 12.210590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.210612] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.210634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.210655] kthread+0x337/0x6f0 [ 12.210673] ? trace_preempt_on+0x20/0xc0 [ 12.210695] ? __pfx_kthread+0x10/0x10 [ 12.210715] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.210735] ? calculate_sigpending+0x7b/0xa0 [ 12.210771] ? __pfx_kthread+0x10/0x10 [ 12.210792] ret_from_fork+0x116/0x1d0 [ 12.210809] ? __pfx_kthread+0x10/0x10 [ 12.210828] ret_from_fork_asm+0x1a/0x30 [ 12.210857] </TASK> [ 12.210868] [ 12.226273] Allocated by task 181: [ 12.226683] kasan_save_stack+0x45/0x70 [ 12.227167] kasan_save_track+0x18/0x40 [ 12.227616] kasan_save_alloc_info+0x3b/0x50 [ 12.228156] __kasan_kmalloc+0xb7/0xc0 [ 12.228685] __kmalloc_cache_noprof+0x189/0x420 [ 12.229112] krealloc_uaf+0xbb/0x5e0 [ 12.229479] kunit_try_run_case+0x1a5/0x480 [ 12.229953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.230185] kthread+0x337/0x6f0 [ 12.230308] ret_from_fork+0x116/0x1d0 [ 12.230667] ret_from_fork_asm+0x1a/0x30 [ 12.231049] [ 12.231208] Freed by task 181: [ 12.231491] kasan_save_stack+0x45/0x70 [ 12.231897] kasan_save_track+0x18/0x40 [ 12.232313] kasan_save_free_info+0x3f/0x60 [ 12.232745] __kasan_slab_free+0x56/0x70 [ 12.233193] kfree+0x222/0x3f0 [ 12.233500] krealloc_uaf+0x13d/0x5e0 [ 12.233771] kunit_try_run_case+0x1a5/0x480 [ 12.233934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.234110] 
kthread+0x337/0x6f0 [ 12.234230] ret_from_fork+0x116/0x1d0 [ 12.234427] ret_from_fork_asm+0x1a/0x30 [ 12.234774] [ 12.234940] The buggy address belongs to the object at ffff888102b91800 [ 12.234940] which belongs to the cache kmalloc-256 of size 256 [ 12.236150] The buggy address is located 0 bytes inside of [ 12.236150] freed 256-byte region [ffff888102b91800, ffff888102b91900) [ 12.237421] [ 12.237588] The buggy address belongs to the physical page: [ 12.238170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 12.238998] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.239470] flags: 0x200000000000040(head|node=0|zone=2) [ 12.240021] page_type: f5(slab) [ 12.240312] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.240848] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.241102] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.241336] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.241572] head: 0200000000000001 ffffea00040ae401 00000000ffffffff 00000000ffffffff [ 12.241962] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.242415] page dumped because: kasan: bad access detected [ 12.242647] [ 12.242744] Memory state around the buggy address: [ 12.242982] ffff888102b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.243286] ffff888102b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.243639] >ffff888102b91800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.243939] ^ [ 12.244115] ffff888102b91880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.244484] ffff888102b91900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.244959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.168532] ================================================================== [ 12.168835] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.169086] Write of size 1 at addr ffff888102b760ea by task kunit_try_catch/179 [ 12.169309] [ 12.169410] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.169449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.169459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.169526] Call Trace: [ 12.169541] <TASK> [ 12.169554] dump_stack_lvl+0x73/0xb0 [ 12.169581] print_report+0xd1/0x610 [ 12.169601] ? __virt_addr_valid+0x1db/0x2d0 [ 12.169621] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.169643] ? kasan_addr_to_slab+0x11/0xa0 [ 12.169662] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.169684] kasan_report+0x141/0x180 [ 12.169704] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.169731] __asan_report_store1_noabort+0x1b/0x30 [ 12.169754] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.169778] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.169800] ? finish_task_switch.isra.0+0x153/0x700 [ 12.169820] ? __switch_to+0x47/0xf50 [ 12.169843] ? __schedule+0x10cc/0x2b60 [ 12.169863] ? __pfx_read_tsc+0x10/0x10 [ 12.169886] krealloc_large_less_oob+0x1c/0x30 [ 12.169919] kunit_try_run_case+0x1a5/0x480 [ 12.169942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.169962] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.169984] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.170006] ? __kthread_parkme+0x82/0x180 [ 12.170026] ? preempt_count_sub+0x50/0x80 [ 12.170049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.170072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.170106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.170129] kthread+0x337/0x6f0 [ 12.170147] ? trace_preempt_on+0x20/0xc0 [ 12.170169] ? __pfx_kthread+0x10/0x10 [ 12.170188] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.170209] ? calculate_sigpending+0x7b/0xa0 [ 12.170231] ? 
__pfx_kthread+0x10/0x10 [ 12.170251] ret_from_fork+0x116/0x1d0 [ 12.170269] ? __pfx_kthread+0x10/0x10 [ 12.170288] ret_from_fork_asm+0x1a/0x30 [ 12.170317] </TASK> [ 12.170327] [ 12.178941] The buggy address belongs to the physical page: [ 12.179218] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 12.179614] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.179963] flags: 0x200000000000040(head|node=0|zone=2) [ 12.180209] page_type: f8(unknown) [ 12.180431] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.180774] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.181092] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.181465] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.181834] head: 0200000000000002 ffffea00040add01 00000000ffffffff 00000000ffffffff [ 12.182136] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.182645] page dumped because: kasan: bad access detected [ 12.183010] [ 12.183108] Memory state around the buggy address: [ 12.183268] ffff888102b75f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.183485] ffff888102b76000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.183700] >ffff888102b76080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.183919] ^ [ 12.184173] ffff888102b76100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.184787] ffff888102b76180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.185109] ================================================================== [ 12.025824] ================================================================== [ 12.026168] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.026698] Write of size 1 at addr ffff888102b916eb by task kunit_try_catch/175 [ 12.026973] [ 12.027060] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 
PREEMPT(voluntary) [ 12.027100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.027111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.027130] Call Trace: [ 12.027145] <TASK> [ 12.027159] dump_stack_lvl+0x73/0xb0 [ 12.027185] print_report+0xd1/0x610 [ 12.027205] ? __virt_addr_valid+0x1db/0x2d0 [ 12.027225] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.027247] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.027267] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.027290] kasan_report+0x141/0x180 [ 12.027310] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.027337] __asan_report_store1_noabort+0x1b/0x30 [ 12.027360] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.027384] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.027470] ? finish_task_switch.isra.0+0x153/0x700 [ 12.027490] ? __switch_to+0x47/0xf50 [ 12.027514] ? __schedule+0x10cc/0x2b60 [ 12.027535] ? __pfx_read_tsc+0x10/0x10 [ 12.027557] krealloc_less_oob+0x1c/0x30 [ 12.027577] kunit_try_run_case+0x1a5/0x480 [ 12.027600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.027621] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.027643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.027665] ? __kthread_parkme+0x82/0x180 [ 12.027697] ? preempt_count_sub+0x50/0x80 [ 12.027719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.027741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.027763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.027784] kthread+0x337/0x6f0 [ 12.027802] ? trace_preempt_on+0x20/0xc0 [ 12.027823] ? __pfx_kthread+0x10/0x10 [ 12.027842] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.027862] ? calculate_sigpending+0x7b/0xa0 [ 12.027884] ? __pfx_kthread+0x10/0x10 [ 12.027904] ret_from_fork+0x116/0x1d0 [ 12.027933] ? 
__pfx_kthread+0x10/0x10 [ 12.027952] ret_from_fork_asm+0x1a/0x30 [ 12.027980] </TASK> [ 12.027989] [ 12.035584] Allocated by task 175: [ 12.035763] kasan_save_stack+0x45/0x70 [ 12.035971] kasan_save_track+0x18/0x40 [ 12.036337] kasan_save_alloc_info+0x3b/0x50 [ 12.036551] __kasan_krealloc+0x190/0x1f0 [ 12.036758] krealloc_noprof+0xf3/0x340 [ 12.036967] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.037174] krealloc_less_oob+0x1c/0x30 [ 12.037312] kunit_try_run_case+0x1a5/0x480 [ 12.037801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.038025] kthread+0x337/0x6f0 [ 12.038203] ret_from_fork+0x116/0x1d0 [ 12.038454] ret_from_fork_asm+0x1a/0x30 [ 12.038641] [ 12.038757] The buggy address belongs to the object at ffff888102b91600 [ 12.038757] which belongs to the cache kmalloc-256 of size 256 [ 12.039191] The buggy address is located 34 bytes to the right of [ 12.039191] allocated 201-byte region [ffff888102b91600, ffff888102b916c9) [ 12.039687] [ 12.039973] The buggy address belongs to the physical page: [ 12.040424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 12.040702] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.041052] flags: 0x200000000000040(head|node=0|zone=2) [ 12.041231] page_type: f5(slab) [ 12.041373] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.041767] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.042105] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.042479] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.042714] head: 0200000000000001 ffffea00040ae401 00000000ffffffff 00000000ffffffff [ 12.042972] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.043313] page dumped because: kasan: bad access detected [ 12.043584] [ 12.043675] Memory state around the buggy address: [ 12.044234] ffff888102b91580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.044728] ffff888102b91600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.045027] >ffff888102b91680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.045284] ^ [ 12.045600] ffff888102b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.046018] ffff888102b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.046318] ================================================================== [ 12.151516] ================================================================== [ 12.151816] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 12.152310] Write of size 1 at addr ffff888102b760da by task kunit_try_catch/179 [ 12.152609] [ 12.152695] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.152736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.152746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.152765] Call Trace: [ 12.152777] <TASK> [ 12.152790] dump_stack_lvl+0x73/0xb0 [ 12.152815] print_report+0xd1/0x610 [ 12.152835] ? __virt_addr_valid+0x1db/0x2d0 [ 12.152857] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.152878] ? kasan_addr_to_slab+0x11/0xa0 [ 12.152897] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.152932] kasan_report+0x141/0x180 [ 12.152952] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 12.152979] __asan_report_store1_noabort+0x1b/0x30 [ 12.153001] krealloc_less_oob_helper+0xec6/0x11d0 [ 12.153025] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.153048] ? finish_task_switch.isra.0+0x153/0x700 [ 12.153068] ? __switch_to+0x47/0xf50 [ 12.153091] ? __schedule+0x10cc/0x2b60 [ 12.153111] ? __pfx_read_tsc+0x10/0x10 [ 12.153134] krealloc_large_less_oob+0x1c/0x30 [ 12.153156] kunit_try_run_case+0x1a5/0x480 [ 12.153179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.153200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.153221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.153243] ? __kthread_parkme+0x82/0x180 [ 12.153261] ? 
preempt_count_sub+0x50/0x80 [ 12.153282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.153305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.153326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.153348] kthread+0x337/0x6f0 [ 12.153366] ? trace_preempt_on+0x20/0xc0 [ 12.153387] ? __pfx_kthread+0x10/0x10 [ 12.153406] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.153425] ? calculate_sigpending+0x7b/0xa0 [ 12.153447] ? __pfx_kthread+0x10/0x10 [ 12.153467] ret_from_fork+0x116/0x1d0 [ 12.153484] ? __pfx_kthread+0x10/0x10 [ 12.153503] ret_from_fork_asm+0x1a/0x30 [ 12.153532] </TASK> [ 12.153540] [ 12.161485] The buggy address belongs to the physical page: [ 12.161737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 12.162099] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.162757] flags: 0x200000000000040(head|node=0|zone=2) [ 12.162964] page_type: f8(unknown) [ 12.163097] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.163340] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.163755] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.164069] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.164444] head: 0200000000000002 ffffea00040add01 00000000ffffffff 00000000ffffffff [ 12.164770] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.165061] page dumped because: kasan: bad access detected [ 12.165289] [ 12.165449] Memory state around the buggy address: [ 12.165657] ffff888102b75f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.165955] ffff888102b76000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.166248] >ffff888102b76080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.166640] ^ [ 12.167308] ffff888102b76100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.167822] ffff888102b76180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.168108] 
================================================================== [ 12.004736] ================================================================== [ 12.005064] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 12.005499] Write of size 1 at addr ffff888102b916ea by task kunit_try_catch/175 [ 12.005782] [ 12.005893] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.005946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.005957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.005978] Call Trace: [ 12.005990] <TASK> [ 12.006003] dump_stack_lvl+0x73/0xb0 [ 12.006029] print_report+0xd1/0x610 [ 12.006050] ? __virt_addr_valid+0x1db/0x2d0 [ 12.006070] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.006093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.006113] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.006135] kasan_report+0x141/0x180 [ 12.006156] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 12.006182] __asan_report_store1_noabort+0x1b/0x30 [ 12.006205] krealloc_less_oob_helper+0xe90/0x11d0 [ 12.006229] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.006252] ? finish_task_switch.isra.0+0x153/0x700 [ 12.006272] ? __switch_to+0x47/0xf50 [ 12.006297] ? __schedule+0x10cc/0x2b60 [ 12.006317] ? __pfx_read_tsc+0x10/0x10 [ 12.006340] krealloc_less_oob+0x1c/0x30 [ 12.006360] kunit_try_run_case+0x1a5/0x480 [ 12.006382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.006403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.006425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.006448] ? __kthread_parkme+0x82/0x180 [ 12.006466] ? preempt_count_sub+0x50/0x80 [ 12.006487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.006512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.006535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.006557] kthread+0x337/0x6f0 [ 12.006576] ? trace_preempt_on+0x20/0xc0 [ 12.006597] ? __pfx_kthread+0x10/0x10 [ 12.006616] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.006638] ? calculate_sigpending+0x7b/0xa0 [ 12.006661] ? __pfx_kthread+0x10/0x10 [ 12.006684] ret_from_fork+0x116/0x1d0 [ 12.006702] ? __pfx_kthread+0x10/0x10 [ 12.006721] ret_from_fork_asm+0x1a/0x30 [ 12.006750] </TASK> [ 12.006759] [ 12.015158] Allocated by task 175: [ 12.015316] kasan_save_stack+0x45/0x70 [ 12.015513] kasan_save_track+0x18/0x40 [ 12.015649] kasan_save_alloc_info+0x3b/0x50 [ 12.015798] __kasan_krealloc+0x190/0x1f0 [ 12.015961] krealloc_noprof+0xf3/0x340 [ 12.016151] krealloc_less_oob_helper+0x1aa/0x11d0 [ 12.016404] krealloc_less_oob+0x1c/0x30 [ 12.016651] kunit_try_run_case+0x1a5/0x480 [ 12.016994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.017170] kthread+0x337/0x6f0 [ 12.017288] ret_from_fork+0x116/0x1d0 [ 12.017698] ret_from_fork_asm+0x1a/0x30 [ 12.017920] [ 12.018014] The buggy address belongs to the object at ffff888102b91600 [ 12.018014] which belongs to the cache kmalloc-256 of size 256 [ 12.018631] The buggy address is located 33 bytes to the right of [ 12.018631] allocated 201-byte region [ffff888102b91600, ffff888102b916c9) [ 12.019226] [ 12.019324] The buggy address belongs to the physical page: [ 12.019643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 12.019969] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.020194] flags: 0x200000000000040(head|node=0|zone=2) [ 12.020365] page_type: f5(slab) [ 12.020519] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.020963] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.021296] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.021602] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.021830] head: 0200000000000001 ffffea00040ae401 00000000ffffffff 00000000ffffffff [ 12.022647] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.022986] page dumped 
because: kasan: bad access detected [ 12.023228] [ 12.023319] Memory state around the buggy address: [ 12.023504] ffff888102b91580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.023902] ffff888102b91600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.024207] >ffff888102b91680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.024544] ^ [ 12.024814] ffff888102b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.025124] ffff888102b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.025468] ================================================================== [ 12.128482] ================================================================== [ 12.129182] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 12.129626] Write of size 1 at addr ffff888102b760d0 by task kunit_try_catch/179 [ 12.129970] [ 12.130358] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.130503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.130517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.130536] Call Trace: [ 12.130548] <TASK> [ 12.130561] dump_stack_lvl+0x73/0xb0 [ 12.130591] print_report+0xd1/0x610 [ 12.130612] ? __virt_addr_valid+0x1db/0x2d0 [ 12.130641] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.130664] ? kasan_addr_to_slab+0x11/0xa0 [ 12.130683] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.130707] kasan_report+0x141/0x180 [ 12.130728] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 12.130755] __asan_report_store1_noabort+0x1b/0x30 [ 12.130778] krealloc_less_oob_helper+0xe23/0x11d0 [ 12.130803] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.130825] ? finish_task_switch.isra.0+0x153/0x700 [ 12.130846] ? __switch_to+0x47/0xf50 [ 12.130870] ? __schedule+0x10cc/0x2b60 [ 12.130891] ? __pfx_read_tsc+0x10/0x10 [ 12.130923] krealloc_large_less_oob+0x1c/0x30 [ 12.130945] kunit_try_run_case+0x1a5/0x480 [ 12.130969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.130990] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 12.131012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.131034] ? __kthread_parkme+0x82/0x180 [ 12.131053] ? preempt_count_sub+0x50/0x80 [ 12.131082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.131105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.131126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.131148] kthread+0x337/0x6f0 [ 12.131167] ? trace_preempt_on+0x20/0xc0 [ 12.131188] ? __pfx_kthread+0x10/0x10 [ 12.131207] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.131227] ? calculate_sigpending+0x7b/0xa0 [ 12.131250] ? __pfx_kthread+0x10/0x10 [ 12.131270] ret_from_fork+0x116/0x1d0 [ 12.131287] ? __pfx_kthread+0x10/0x10 [ 12.131307] ret_from_fork_asm+0x1a/0x30 [ 12.131337] </TASK> [ 12.131348] [ 12.143064] The buggy address belongs to the physical page: [ 12.143562] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 12.144173] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.145005] flags: 0x200000000000040(head|node=0|zone=2) [ 12.145305] page_type: f8(unknown) [ 12.145785] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.146438] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.146861] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.147457] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.147883] head: 0200000000000002 ffffea00040add01 00000000ffffffff 00000000ffffffff [ 12.148163] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.148517] page dumped because: kasan: bad access detected [ 12.148723] [ 12.148820] Memory state around the buggy address: [ 12.149064] ffff888102b75f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.149313] ffff888102b76000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.149616] >ffff888102b76080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.150031] ^ [ 12.150270] 
ffff888102b76100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.150792] ffff888102b76180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.151177] ================================================================== [ 12.101868] ================================================================== [ 12.102453] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 12.103502] Write of size 1 at addr ffff888102b760c9 by task kunit_try_catch/179 [ 12.104523] [ 12.104855] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.105004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.105017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.105039] Call Trace: [ 12.105052] <TASK> [ 12.105067] dump_stack_lvl+0x73/0xb0 [ 12.105098] print_report+0xd1/0x610 [ 12.105119] ? __virt_addr_valid+0x1db/0x2d0 [ 12.105141] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.105163] ? kasan_addr_to_slab+0x11/0xa0 [ 12.105183] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.105205] kasan_report+0x141/0x180 [ 12.105226] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 12.105252] __asan_report_store1_noabort+0x1b/0x30 [ 12.105275] krealloc_less_oob_helper+0xd70/0x11d0 [ 12.105299] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.105322] ? finish_task_switch.isra.0+0x153/0x700 [ 12.105342] ? __switch_to+0x47/0xf50 [ 12.105366] ? __schedule+0x10cc/0x2b60 [ 12.105387] ? __pfx_read_tsc+0x10/0x10 [ 12.105410] krealloc_large_less_oob+0x1c/0x30 [ 12.105431] kunit_try_run_case+0x1a5/0x480 [ 12.105454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.105475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.105497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.105518] ? __kthread_parkme+0x82/0x180 [ 12.105537] ? preempt_count_sub+0x50/0x80 [ 12.105559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.105581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.105602] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.105624] kthread+0x337/0x6f0 [ 12.105642] ? trace_preempt_on+0x20/0xc0 [ 12.105663] ? __pfx_kthread+0x10/0x10 [ 12.105684] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.105703] ? calculate_sigpending+0x7b/0xa0 [ 12.105725] ? __pfx_kthread+0x10/0x10 [ 12.105746] ret_from_fork+0x116/0x1d0 [ 12.105763] ? __pfx_kthread+0x10/0x10 [ 12.105783] ret_from_fork_asm+0x1a/0x30 [ 12.105812] </TASK> [ 12.105822] [ 12.117903] The buggy address belongs to the physical page: [ 12.118177] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 12.118965] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.119526] flags: 0x200000000000040(head|node=0|zone=2) [ 12.120068] page_type: f8(unknown) [ 12.120246] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.121051] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.121842] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.122180] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.122822] head: 0200000000000002 ffffea00040add01 00000000ffffffff 00000000ffffffff [ 12.123228] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.123739] page dumped because: kasan: bad access detected [ 12.123990] [ 12.124079] Memory state around the buggy address: [ 12.124285] ffff888102b75f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.125139] ffff888102b76000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.125498] >ffff888102b76080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.126143] ^ [ 12.126665] ffff888102b76100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.127320] ffff888102b76180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.127959] ================================================================== [ 11.984036] ================================================================== [ 
11.984335] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.984830] Write of size 1 at addr ffff888102b916da by task kunit_try_catch/175 [ 11.985135] [ 11.985226] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.985265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.985275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.985294] Call Trace: [ 11.985307] <TASK> [ 11.985319] dump_stack_lvl+0x73/0xb0 [ 11.985346] print_report+0xd1/0x610 [ 11.985436] ? __virt_addr_valid+0x1db/0x2d0 [ 11.985457] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.985480] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.985500] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.985523] kasan_report+0x141/0x180 [ 11.985543] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.985570] __asan_report_store1_noabort+0x1b/0x30 [ 11.985593] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.985617] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.985639] ? finish_task_switch.isra.0+0x153/0x700 [ 11.985659] ? __switch_to+0x47/0xf50 [ 11.985682] ? __schedule+0x10cc/0x2b60 [ 11.985703] ? __pfx_read_tsc+0x10/0x10 [ 11.985725] krealloc_less_oob+0x1c/0x30 [ 11.985745] kunit_try_run_case+0x1a5/0x480 [ 11.985768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.985790] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.985812] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.985833] ? __kthread_parkme+0x82/0x180 [ 11.985852] ? preempt_count_sub+0x50/0x80 [ 11.985873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.985896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.985929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.985951] kthread+0x337/0x6f0 [ 11.985970] ? trace_preempt_on+0x20/0xc0 [ 11.985991] ? __pfx_kthread+0x10/0x10 [ 11.986010] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.986030] ? calculate_sigpending+0x7b/0xa0 [ 11.986051] ? __pfx_kthread+0x10/0x10 [ 11.986072] ret_from_fork+0x116/0x1d0 [ 11.986089] ? 
__pfx_kthread+0x10/0x10 [ 11.986109] ret_from_fork_asm+0x1a/0x30 [ 11.986137] </TASK> [ 11.986147] [ 11.993826] Allocated by task 175: [ 11.993965] kasan_save_stack+0x45/0x70 [ 11.994102] kasan_save_track+0x18/0x40 [ 11.994396] kasan_save_alloc_info+0x3b/0x50 [ 11.994609] __kasan_krealloc+0x190/0x1f0 [ 11.994801] krealloc_noprof+0xf3/0x340 [ 11.995007] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.995439] krealloc_less_oob+0x1c/0x30 [ 11.995606] kunit_try_run_case+0x1a5/0x480 [ 11.995805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.995988] kthread+0x337/0x6f0 [ 11.996104] ret_from_fork+0x116/0x1d0 [ 11.996232] ret_from_fork_asm+0x1a/0x30 [ 11.996365] [ 11.996434] The buggy address belongs to the object at ffff888102b91600 [ 11.996434] which belongs to the cache kmalloc-256 of size 256 [ 11.996798] The buggy address is located 17 bytes to the right of [ 11.996798] allocated 201-byte region [ffff888102b91600, ffff888102b916c9) [ 11.997343] [ 11.997434] The buggy address belongs to the physical page: [ 11.997683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 11.998275] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.998746] flags: 0x200000000000040(head|node=0|zone=2) [ 11.998935] page_type: f5(slab) [ 11.999051] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.999277] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.999611] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.000111] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.000550] head: 0200000000000001 ffffea00040ae401 00000000ffffffff 00000000ffffffff [ 12.001070] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 12.001705] page dumped because: kasan: bad access detected [ 12.001929] [ 12.002021] Memory state around the buggy address: [ 12.002197] ffff888102b91580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.002662] ffff888102b91600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.003023] >ffff888102b91680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.003241] ^ [ 12.003689] ffff888102b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.004026] ffff888102b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.004309] ================================================================== [ 12.185469] ================================================================== [ 12.185786] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 12.186036] Write of size 1 at addr ffff888102b760eb by task kunit_try_catch/179 [ 12.186261] [ 12.186341] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.186381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.186391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.186410] Call Trace: [ 12.186423] <TASK> [ 12.186436] dump_stack_lvl+0x73/0xb0 [ 12.186606] print_report+0xd1/0x610 [ 12.186627] ? __virt_addr_valid+0x1db/0x2d0 [ 12.186648] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.186672] ? kasan_addr_to_slab+0x11/0xa0 [ 12.186692] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.186733] kasan_report+0x141/0x180 [ 12.186754] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 12.186781] __asan_report_store1_noabort+0x1b/0x30 [ 12.186805] krealloc_less_oob_helper+0xd47/0x11d0 [ 12.186830] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.186853] ? finish_task_switch.isra.0+0x153/0x700 [ 12.186874] ? __switch_to+0x47/0xf50 [ 12.186899] ? __schedule+0x10cc/0x2b60 [ 12.186934] ? __pfx_read_tsc+0x10/0x10 [ 12.186957] krealloc_large_less_oob+0x1c/0x30 [ 12.186979] kunit_try_run_case+0x1a5/0x480 [ 12.187002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.187024] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.187046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.187073] ? __kthread_parkme+0x82/0x180 [ 12.187092] ? 
preempt_count_sub+0x50/0x80 [ 12.187114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.187137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.187159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.187181] kthread+0x337/0x6f0 [ 12.187201] ? trace_preempt_on+0x20/0xc0 [ 12.187223] ? __pfx_kthread+0x10/0x10 [ 12.187242] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.187262] ? calculate_sigpending+0x7b/0xa0 [ 12.187284] ? __pfx_kthread+0x10/0x10 [ 12.187304] ret_from_fork+0x116/0x1d0 [ 12.187320] ? __pfx_kthread+0x10/0x10 [ 12.187339] ret_from_fork_asm+0x1a/0x30 [ 12.187431] </TASK> [ 12.187440] [ 12.196065] The buggy address belongs to the physical page: [ 12.196295] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 12.196673] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.196939] flags: 0x200000000000040(head|node=0|zone=2) [ 12.197193] page_type: f8(unknown) [ 12.197363] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.197695] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.197936] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.198276] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.198612] head: 0200000000000002 ffffea00040add01 00000000ffffffff 00000000ffffffff [ 12.199029] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.199444] page dumped because: kasan: bad access detected [ 12.199624] [ 12.199711] Memory state around the buggy address: [ 12.199952] ffff888102b75f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.200239] ffff888102b76000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.200599] >ffff888102b76080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.200896] ^ [ 12.201170] ffff888102b76100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.201471] ffff888102b76180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.201832] 
================================================================== [ 11.921224] ================================================================== [ 11.921856] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.922254] Write of size 1 at addr ffff888102b916c9 by task kunit_try_catch/175 [ 11.922719] [ 11.922941] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.922989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.923000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.923030] Call Trace: [ 11.923042] <TASK> [ 11.923061] dump_stack_lvl+0x73/0xb0 [ 11.923104] print_report+0xd1/0x610 [ 11.923126] ? __virt_addr_valid+0x1db/0x2d0 [ 11.923147] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.923169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.923189] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.923212] kasan_report+0x141/0x180 [ 11.923232] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.923259] __asan_report_store1_noabort+0x1b/0x30 [ 11.923281] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.923305] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.923337] ? finish_task_switch.isra.0+0x153/0x700 [ 11.923357] ? __switch_to+0x47/0xf50 [ 11.923381] ? __schedule+0x10cc/0x2b60 [ 11.923478] ? __pfx_read_tsc+0x10/0x10 [ 11.923503] krealloc_less_oob+0x1c/0x30 [ 11.923524] kunit_try_run_case+0x1a5/0x480 [ 11.923546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.923601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.923623] ? __kthread_parkme+0x82/0x180 [ 11.923653] ? preempt_count_sub+0x50/0x80 [ 11.923675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.923707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.923729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.923751] kthread+0x337/0x6f0 [ 11.923769] ? trace_preempt_on+0x20/0xc0 [ 11.923790] ? __pfx_kthread+0x10/0x10 [ 11.923810] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.923829] ? calculate_sigpending+0x7b/0xa0 [ 11.923851] ? __pfx_kthread+0x10/0x10 [ 11.923871] ret_from_fork+0x116/0x1d0 [ 11.923888] ? __pfx_kthread+0x10/0x10 [ 11.923917] ret_from_fork_asm+0x1a/0x30 [ 11.923946] </TASK> [ 11.923956] [ 11.939591] Allocated by task 175: [ 11.940111] kasan_save_stack+0x45/0x70 [ 11.940261] kasan_save_track+0x18/0x40 [ 11.940700] kasan_save_alloc_info+0x3b/0x50 [ 11.941268] __kasan_krealloc+0x190/0x1f0 [ 11.941784] krealloc_noprof+0xf3/0x340 [ 11.942309] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.942992] krealloc_less_oob+0x1c/0x30 [ 11.943297] kunit_try_run_case+0x1a5/0x480 [ 11.943645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.944148] kthread+0x337/0x6f0 [ 11.944278] ret_from_fork+0x116/0x1d0 [ 11.944592] ret_from_fork_asm+0x1a/0x30 [ 11.945022] [ 11.945207] The buggy address belongs to the object at ffff888102b91600 [ 11.945207] which belongs to the cache kmalloc-256 of size 256 [ 11.946258] The buggy address is located 0 bytes to the right of [ 11.946258] allocated 201-byte region [ffff888102b91600, ffff888102b916c9) [ 11.947502] [ 11.947783] The buggy address belongs to the physical page: [ 11.948201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 11.948733] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.949559] flags: 0x200000000000040(head|node=0|zone=2) [ 11.949776] page_type: f5(slab) [ 11.950292] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.951060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.951301] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.951998] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.952859] head: 0200000000000001 ffffea00040ae401 00000000ffffffff 00000000ffffffff [ 11.953702] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.954146] page dumped 
because: kasan: bad access detected [ 11.954322] [ 11.954393] Memory state around the buggy address: [ 11.955066] ffff888102b91580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.955760] ffff888102b91600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.956475] >ffff888102b91680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.957153] ^ [ 11.957333] ffff888102b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.957549] ffff888102b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.958080] ================================================================== [ 11.959170] ================================================================== [ 11.960282] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.961347] Write of size 1 at addr ffff888102b916d0 by task kunit_try_catch/175 [ 11.961949] [ 11.962038] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.962080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.962091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.962110] Call Trace: [ 11.962121] <TASK> [ 11.962135] dump_stack_lvl+0x73/0xb0 [ 11.962163] print_report+0xd1/0x610 [ 11.962183] ? __virt_addr_valid+0x1db/0x2d0 [ 11.962204] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.962226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.962246] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.962269] kasan_report+0x141/0x180 [ 11.962289] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.962316] __asan_report_store1_noabort+0x1b/0x30 [ 11.962338] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.962517] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.962541] ? finish_task_switch.isra.0+0x153/0x700 [ 11.962562] ? __switch_to+0x47/0xf50 [ 11.962586] ? __schedule+0x10cc/0x2b60 [ 11.962607] ? __pfx_read_tsc+0x10/0x10 [ 11.962630] krealloc_less_oob+0x1c/0x30 [ 11.962650] kunit_try_run_case+0x1a5/0x480 [ 11.962672] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.962705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.962726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.962748] ? __kthread_parkme+0x82/0x180 [ 11.962767] ? preempt_count_sub+0x50/0x80 [ 11.962788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.962810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.962832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.962853] kthread+0x337/0x6f0 [ 11.962872] ? trace_preempt_on+0x20/0xc0 [ 11.962893] ? __pfx_kthread+0x10/0x10 [ 11.962927] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.962947] ? calculate_sigpending+0x7b/0xa0 [ 11.962970] ? __pfx_kthread+0x10/0x10 [ 11.962990] ret_from_fork+0x116/0x1d0 [ 11.963007] ? __pfx_kthread+0x10/0x10 [ 11.963026] ret_from_fork_asm+0x1a/0x30 [ 11.963059] </TASK> [ 11.963069] [ 11.973312] Allocated by task 175: [ 11.973537] kasan_save_stack+0x45/0x70 [ 11.973697] kasan_save_track+0x18/0x40 [ 11.973889] kasan_save_alloc_info+0x3b/0x50 [ 11.974119] __kasan_krealloc+0x190/0x1f0 [ 11.974278] krealloc_noprof+0xf3/0x340 [ 11.974607] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.974937] krealloc_less_oob+0x1c/0x30 [ 11.975086] kunit_try_run_case+0x1a5/0x480 [ 11.975228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.975398] kthread+0x337/0x6f0 [ 11.975519] ret_from_fork+0x116/0x1d0 [ 11.975689] ret_from_fork_asm+0x1a/0x30 [ 11.975878] [ 11.976008] The buggy address belongs to the object at ffff888102b91600 [ 11.976008] which belongs to the cache kmalloc-256 of size 256 [ 11.976521] The buggy address is located 7 bytes to the right of [ 11.976521] allocated 201-byte region [ffff888102b91600, ffff888102b916c9) [ 11.976969] [ 11.977038] The buggy address belongs to the physical page: [ 11.977334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90 [ 11.977828] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.978179] flags: 0x200000000000040(head|node=0|zone=2) [ 11.978569] page_type: f5(slab) [ 11.978758] raw: 
0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.979050] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.979418] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.979761] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.980090] head: 0200000000000001 ffffea00040ae401 00000000ffffffff 00000000ffffffff [ 11.980408] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.980774] page dumped because: kasan: bad access detected [ 11.980960] [ 11.981029] Memory state around the buggy address: [ 11.981182] ffff888102b91580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.981424] ffff888102b91600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.981824] >ffff888102b91680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.982193] ^ [ 11.982453] ffff888102b91700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.982923] ffff888102b91780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.983229] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.049393] ================================================================== [ 12.049903] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 12.050169] Write of size 1 at addr ffff8881029a20eb by task kunit_try_catch/177 [ 12.050621] [ 12.050812] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.050857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.050867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.050887] Call Trace: [ 12.050898] <TASK> [ 12.050925] dump_stack_lvl+0x73/0xb0 [ 12.050956] print_report+0xd1/0x610 [ 12.050976] ? __virt_addr_valid+0x1db/0x2d0 [ 12.050999] ? krealloc_more_oob_helper+0x821/0x930 [ 12.051021] ? kasan_addr_to_slab+0x11/0xa0 [ 12.051040] ? krealloc_more_oob_helper+0x821/0x930 [ 12.051067] kasan_report+0x141/0x180 [ 12.051088] ? krealloc_more_oob_helper+0x821/0x930 [ 12.051115] __asan_report_store1_noabort+0x1b/0x30 [ 12.051138] krealloc_more_oob_helper+0x821/0x930 [ 12.051159] ? __schedule+0x10cc/0x2b60 [ 12.051180] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.051203] ? finish_task_switch.isra.0+0x153/0x700 [ 12.051225] ? __switch_to+0x47/0xf50 [ 12.051250] ? __schedule+0x10cc/0x2b60 [ 12.051270] ? __pfx_read_tsc+0x10/0x10 [ 12.051293] krealloc_large_more_oob+0x1c/0x30 [ 12.051314] kunit_try_run_case+0x1a5/0x480 [ 12.051338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.051407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.051432] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.051454] ? __kthread_parkme+0x82/0x180 [ 12.051473] ? preempt_count_sub+0x50/0x80 [ 12.051495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.051517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.051539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.051561] kthread+0x337/0x6f0 [ 12.051579] ? trace_preempt_on+0x20/0xc0 [ 12.051601] ? __pfx_kthread+0x10/0x10 [ 12.051620] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.051640] ? 
calculate_sigpending+0x7b/0xa0 [ 12.051663] ? __pfx_kthread+0x10/0x10 [ 12.051683] ret_from_fork+0x116/0x1d0 [ 12.051701] ? __pfx_kthread+0x10/0x10 [ 12.051720] ret_from_fork_asm+0x1a/0x30 [ 12.051749] </TASK> [ 12.051759] [ 12.064090] The buggy address belongs to the physical page: [ 12.064460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a0 [ 12.064759] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.065342] flags: 0x200000000000040(head|node=0|zone=2) [ 12.065998] page_type: f8(unknown) [ 12.066280] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.066724] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.067149] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.067629] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.067982] head: 0200000000000002 ffffea00040a6801 00000000ffffffff 00000000ffffffff [ 12.068324] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.068941] page dumped because: kasan: bad access detected [ 12.069264] [ 12.069364] Memory state around the buggy address: [ 12.069820] ffff8881029a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.070246] ffff8881029a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.070901] >ffff8881029a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.071232] ^ [ 12.071680] ffff8881029a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.072094] ffff8881029a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.072554] ================================================================== [ 11.895485] ================================================================== [ 11.895784] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 11.896133] Write of size 1 at addr ffff888100a96ef0 by task kunit_try_catch/173 [ 11.896531] [ 11.896638] CPU: 1 UID: 0 PID: 173 Comm: 
kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.896678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.896689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.896707] Call Trace: [ 11.896722] <TASK> [ 11.896735] dump_stack_lvl+0x73/0xb0 [ 11.896762] print_report+0xd1/0x610 [ 11.896782] ? __virt_addr_valid+0x1db/0x2d0 [ 11.896802] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.896824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.896855] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.896878] kasan_report+0x141/0x180 [ 11.896898] ? krealloc_more_oob_helper+0x7eb/0x930 [ 11.896941] __asan_report_store1_noabort+0x1b/0x30 [ 11.896965] krealloc_more_oob_helper+0x7eb/0x930 [ 11.896995] ? __schedule+0x10cc/0x2b60 [ 11.897016] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.897038] ? finish_task_switch.isra.0+0x153/0x700 [ 11.897059] ? __switch_to+0x47/0xf50 [ 11.897084] ? __schedule+0x10cc/0x2b60 [ 11.897106] ? __pfx_read_tsc+0x10/0x10 [ 11.897128] krealloc_more_oob+0x1c/0x30 [ 11.897148] kunit_try_run_case+0x1a5/0x480 [ 11.897171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.897192] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.897213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.897235] ? __kthread_parkme+0x82/0x180 [ 11.897253] ? preempt_count_sub+0x50/0x80 [ 11.897275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.897297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.897319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.897362] kthread+0x337/0x6f0 [ 11.897381] ? trace_preempt_on+0x20/0xc0 [ 11.897403] ? __pfx_kthread+0x10/0x10 [ 11.897432] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.897452] ? calculate_sigpending+0x7b/0xa0 [ 11.897475] ? __pfx_kthread+0x10/0x10 [ 11.897495] ret_from_fork+0x116/0x1d0 [ 11.897512] ? 
__pfx_kthread+0x10/0x10 [ 11.897531] ret_from_fork_asm+0x1a/0x30 [ 11.897560] </TASK> [ 11.897569] [ 11.905888] Allocated by task 173: [ 11.906137] kasan_save_stack+0x45/0x70 [ 11.906418] kasan_save_track+0x18/0x40 [ 11.906622] kasan_save_alloc_info+0x3b/0x50 [ 11.906801] __kasan_krealloc+0x190/0x1f0 [ 11.907011] krealloc_noprof+0xf3/0x340 [ 11.907210] krealloc_more_oob_helper+0x1a9/0x930 [ 11.907587] krealloc_more_oob+0x1c/0x30 [ 11.907872] kunit_try_run_case+0x1a5/0x480 [ 11.908077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.908259] kthread+0x337/0x6f0 [ 11.908567] ret_from_fork+0x116/0x1d0 [ 11.908923] ret_from_fork_asm+0x1a/0x30 [ 11.909070] [ 11.909142] The buggy address belongs to the object at ffff888100a96e00 [ 11.909142] which belongs to the cache kmalloc-256 of size 256 [ 11.909495] The buggy address is located 5 bytes to the right of [ 11.909495] allocated 235-byte region [ffff888100a96e00, ffff888100a96eeb) [ 11.909933] [ 11.910012] The buggy address belongs to the physical page: [ 11.910260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 11.910720] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.911598] flags: 0x200000000000040(head|node=0|zone=2) [ 11.911974] page_type: f5(slab) [ 11.912125] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.912516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.912751] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.913086] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.913458] head: 0200000000000001 ffffea000402a581 00000000ffffffff 00000000ffffffff [ 11.913997] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.914371] page dumped because: kasan: bad access detected [ 11.914645] [ 11.914774] Memory state around the buggy address: [ 11.915004] ffff888100a96d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 11.915296] ffff888100a96e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.915781] >ffff888100a96e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.916102] ^ [ 11.916445] ffff888100a96f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.916825] ffff888100a96f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.917140] ================================================================== [ 12.073726] ================================================================== [ 12.074323] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 12.075250] Write of size 1 at addr ffff8881029a20f0 by task kunit_try_catch/177 [ 12.076045] [ 12.076148] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 12.076189] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.076200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.076219] Call Trace: [ 12.076230] <TASK> [ 12.076244] dump_stack_lvl+0x73/0xb0 [ 12.076274] print_report+0xd1/0x610 [ 12.076295] ? __virt_addr_valid+0x1db/0x2d0 [ 12.076316] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.076339] ? kasan_addr_to_slab+0x11/0xa0 [ 12.076358] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.076380] kasan_report+0x141/0x180 [ 12.076401] ? krealloc_more_oob_helper+0x7eb/0x930 [ 12.076428] __asan_report_store1_noabort+0x1b/0x30 [ 12.076457] krealloc_more_oob_helper+0x7eb/0x930 [ 12.076479] ? __schedule+0x10cc/0x2b60 [ 12.076500] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.076524] ? finish_task_switch.isra.0+0x153/0x700 [ 12.076544] ? __switch_to+0x47/0xf50 [ 12.076568] ? __schedule+0x10cc/0x2b60 [ 12.076588] ? __pfx_read_tsc+0x10/0x10 [ 12.076611] krealloc_large_more_oob+0x1c/0x30 [ 12.076632] kunit_try_run_case+0x1a5/0x480 [ 12.076655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.076676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.076698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.076720] ? 
__kthread_parkme+0x82/0x180 [ 12.076738] ? preempt_count_sub+0x50/0x80 [ 12.076760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.076782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.076804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.076826] kthread+0x337/0x6f0 [ 12.076844] ? trace_preempt_on+0x20/0xc0 [ 12.076865] ? __pfx_kthread+0x10/0x10 [ 12.076884] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.076904] ? calculate_sigpending+0x7b/0xa0 [ 12.076934] ? __pfx_kthread+0x10/0x10 [ 12.076954] ret_from_fork+0x116/0x1d0 [ 12.076971] ? __pfx_kthread+0x10/0x10 [ 12.076990] ret_from_fork_asm+0x1a/0x30 [ 12.077019] </TASK> [ 12.077028] [ 12.089104] The buggy address belongs to the physical page: [ 12.089642] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029a0 [ 12.090326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.090890] flags: 0x200000000000040(head|node=0|zone=2) [ 12.091089] page_type: f8(unknown) [ 12.091215] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.091821] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.092572] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.093281] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.094047] head: 0200000000000002 ffffea00040a6801 00000000ffffffff 00000000ffffffff [ 12.094281] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.095163] page dumped because: kasan: bad access detected [ 12.095769] [ 12.095964] Memory state around the buggy address: [ 12.096189] ffff8881029a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.096917] ffff8881029a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.097136] >ffff8881029a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.097347] ^ [ 12.097562] ffff8881029a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.097776] ffff8881029a2180: fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe fe [ 12.097997] ================================================================== [ 11.861574] ================================================================== [ 11.862242] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 11.862578] Write of size 1 at addr ffff888100a96eeb by task kunit_try_catch/173 [ 11.863138] [ 11.863229] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.863271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.863283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.863304] Call Trace: [ 11.863314] <TASK> [ 11.863327] dump_stack_lvl+0x73/0xb0 [ 11.863460] print_report+0xd1/0x610 [ 11.863485] ? __virt_addr_valid+0x1db/0x2d0 [ 11.863506] ? krealloc_more_oob_helper+0x821/0x930 [ 11.863529] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.863549] ? krealloc_more_oob_helper+0x821/0x930 [ 11.863572] kasan_report+0x141/0x180 [ 11.863592] ? krealloc_more_oob_helper+0x821/0x930 [ 11.863619] __asan_report_store1_noabort+0x1b/0x30 [ 11.863642] krealloc_more_oob_helper+0x821/0x930 [ 11.863662] ? __schedule+0x10cc/0x2b60 [ 11.863684] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.863706] ? finish_task_switch.isra.0+0x153/0x700 [ 11.863727] ? __switch_to+0x47/0xf50 [ 11.863752] ? __schedule+0x10cc/0x2b60 [ 11.863772] ? __pfx_read_tsc+0x10/0x10 [ 11.863794] krealloc_more_oob+0x1c/0x30 [ 11.863816] kunit_try_run_case+0x1a5/0x480 [ 11.863839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.863860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.863882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.863904] ? __kthread_parkme+0x82/0x180 [ 11.863934] ? preempt_count_sub+0x50/0x80 [ 11.863956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.863978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.863999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.864021] kthread+0x337/0x6f0 [ 11.864039] ? trace_preempt_on+0x20/0xc0 [ 11.864061] ? 
__pfx_kthread+0x10/0x10 [ 11.864080] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.864101] ? calculate_sigpending+0x7b/0xa0 [ 11.864123] ? __pfx_kthread+0x10/0x10 [ 11.864143] ret_from_fork+0x116/0x1d0 [ 11.864159] ? __pfx_kthread+0x10/0x10 [ 11.864178] ret_from_fork_asm+0x1a/0x30 [ 11.864207] </TASK> [ 11.864216] [ 11.876701] Allocated by task 173: [ 11.877217] kasan_save_stack+0x45/0x70 [ 11.877971] kasan_save_track+0x18/0x40 [ 11.878318] kasan_save_alloc_info+0x3b/0x50 [ 11.879063] __kasan_krealloc+0x190/0x1f0 [ 11.879815] krealloc_noprof+0xf3/0x340 [ 11.880257] krealloc_more_oob_helper+0x1a9/0x930 [ 11.881095] krealloc_more_oob+0x1c/0x30 [ 11.881548] kunit_try_run_case+0x1a5/0x480 [ 11.882191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.882461] kthread+0x337/0x6f0 [ 11.882589] ret_from_fork+0x116/0x1d0 [ 11.882724] ret_from_fork_asm+0x1a/0x30 [ 11.882864] [ 11.882968] The buggy address belongs to the object at ffff888100a96e00 [ 11.882968] which belongs to the cache kmalloc-256 of size 256 [ 11.883392] The buggy address is located 0 bytes to the right of [ 11.883392] allocated 235-byte region [ffff888100a96e00, ffff888100a96eeb) [ 11.884028] [ 11.884115] The buggy address belongs to the physical page: [ 11.884806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a96 [ 11.885673] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.886259] flags: 0x200000000000040(head|node=0|zone=2) [ 11.886718] page_type: f5(slab) [ 11.887045] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.887528] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.887941] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.888732] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.889197] head: 0200000000000001 ffffea000402a581 00000000ffffffff 00000000ffffffff [ 11.889741] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 11.890435] page dumped because: kasan: bad access detected [ 11.891017] [ 11.891094] Memory state around the buggy address: [ 11.891249] ffff888100a96d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.891542] ffff888100a96e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.892260] >ffff888100a96e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.893083] ^ [ 11.893867] ffff888100a96f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.894616] ffff888100a96f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.895038] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.841730] ================================================================== [ 11.842264] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 11.842511] Read of size 1 at addr ffff888103a80000 by task kunit_try_catch/171 [ 11.843027] [ 11.843158] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.843201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.843213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.843234] Call Trace: [ 11.843248] <TASK> [ 11.843264] dump_stack_lvl+0x73/0xb0 [ 11.843293] print_report+0xd1/0x610 [ 11.843314] ? __virt_addr_valid+0x1db/0x2d0 [ 11.843335] ? page_alloc_uaf+0x356/0x3d0 [ 11.843431] ? kasan_addr_to_slab+0x11/0xa0 [ 11.843471] ? page_alloc_uaf+0x356/0x3d0 [ 11.843493] kasan_report+0x141/0x180 [ 11.843529] ? page_alloc_uaf+0x356/0x3d0 [ 11.843555] __asan_report_load1_noabort+0x18/0x20 [ 11.843577] page_alloc_uaf+0x356/0x3d0 [ 11.843597] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.843618] ? __schedule+0x10cc/0x2b60 [ 11.843639] ? __pfx_read_tsc+0x10/0x10 [ 11.843659] ? ktime_get_ts64+0x86/0x230 [ 11.843683] kunit_try_run_case+0x1a5/0x480 [ 11.843706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.843727] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.843748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.843770] ? __kthread_parkme+0x82/0x180 [ 11.843788] ? preempt_count_sub+0x50/0x80 [ 11.843811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.843833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.843855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.843876] kthread+0x337/0x6f0 [ 11.843895] ? trace_preempt_on+0x20/0xc0 [ 11.843928] ? __pfx_kthread+0x10/0x10 [ 11.843947] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.843967] ? calculate_sigpending+0x7b/0xa0 [ 11.843988] ? __pfx_kthread+0x10/0x10 [ 11.844009] ret_from_fork+0x116/0x1d0 [ 11.844027] ? 
__pfx_kthread+0x10/0x10 [ 11.844046] ret_from_fork_asm+0x1a/0x30 [ 11.844075] </TASK> [ 11.844084] [ 11.852354] The buggy address belongs to the physical page: [ 11.852539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a80 [ 11.852997] flags: 0x200000000000000(node=0|zone=2) [ 11.853231] page_type: f0(buddy) [ 11.853476] raw: 0200000000000000 ffff88817fffb538 ffff88817fffb538 0000000000000000 [ 11.853973] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 11.854293] page dumped because: kasan: bad access detected [ 11.854664] [ 11.854893] Memory state around the buggy address: [ 11.855131] ffff888103a7ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.855500] ffff888103a7ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.855838] >ffff888103a80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.856447] ^ [ 11.856568] ffff888103a80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.857001] ffff888103a80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.857288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.806344] ================================================================== [ 11.807570] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 11.808189] Free of addr ffff88810299c001 by task kunit_try_catch/167 [ 11.808949] [ 11.809302] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.809346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.809357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.809375] Call Trace: [ 11.809387] <TASK> [ 11.809401] dump_stack_lvl+0x73/0xb0 [ 11.809430] print_report+0xd1/0x610 [ 11.809451] ? __virt_addr_valid+0x1db/0x2d0 [ 11.809473] ? kasan_addr_to_slab+0x11/0xa0 [ 11.809492] ? kfree+0x274/0x3f0 [ 11.809512] kasan_report_invalid_free+0x10a/0x130 [ 11.809535] ? kfree+0x274/0x3f0 [ 11.809556] ? kfree+0x274/0x3f0 [ 11.809575] __kasan_kfree_large+0x86/0xd0 [ 11.809595] free_large_kmalloc+0x4b/0x110 [ 11.809617] kfree+0x274/0x3f0 [ 11.809640] kmalloc_large_invalid_free+0x120/0x2b0 [ 11.809661] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.809683] ? __schedule+0x10cc/0x2b60 [ 11.809704] ? __pfx_read_tsc+0x10/0x10 [ 11.809723] ? ktime_get_ts64+0x86/0x230 [ 11.809745] kunit_try_run_case+0x1a5/0x480 [ 11.809767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.809788] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.809810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.809831] ? __kthread_parkme+0x82/0x180 [ 11.809850] ? preempt_count_sub+0x50/0x80 [ 11.809872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.809894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.809928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.809950] kthread+0x337/0x6f0 [ 11.809968] ? trace_preempt_on+0x20/0xc0 [ 11.809989] ? __pfx_kthread+0x10/0x10 [ 11.810008] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.810028] ? calculate_sigpending+0x7b/0xa0 [ 11.810050] ? __pfx_kthread+0x10/0x10 [ 11.810070] ret_from_fork+0x116/0x1d0 [ 11.810087] ? 
__pfx_kthread+0x10/0x10 [ 11.810105] ret_from_fork_asm+0x1a/0x30 [ 11.810135] </TASK> [ 11.810144] [ 11.820675] The buggy address belongs to the physical page: [ 11.820860] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299c [ 11.821115] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.821777] flags: 0x200000000000040(head|node=0|zone=2) [ 11.822098] page_type: f8(unknown) [ 11.822224] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.822711] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.823651] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.824451] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.825181] head: 0200000000000002 ffffea00040a6701 00000000ffffffff 00000000ffffffff [ 11.825873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.826113] page dumped because: kasan: bad access detected [ 11.826286] [ 11.826484] Memory state around the buggy address: [ 11.826920] ffff88810299bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.827654] ffff88810299bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.828401] >ffff88810299c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.829178] ^ [ 11.829535] ffff88810299c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.830187] ffff88810299c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.830621] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.780245] ================================================================== [ 11.780765] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 11.781020] Read of size 1 at addr ffff888102b74000 by task kunit_try_catch/165 [ 11.781663] [ 11.782008] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.782057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.782068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.782088] Call Trace: [ 11.782102] <TASK> [ 11.782116] dump_stack_lvl+0x73/0xb0 [ 11.782145] print_report+0xd1/0x610 [ 11.782167] ? __virt_addr_valid+0x1db/0x2d0 [ 11.782189] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.782228] ? kasan_addr_to_slab+0x11/0xa0 [ 11.782248] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.782268] kasan_report+0x141/0x180 [ 11.782289] ? kmalloc_large_uaf+0x2f1/0x340 [ 11.782313] __asan_report_load1_noabort+0x18/0x20 [ 11.782335] kmalloc_large_uaf+0x2f1/0x340 [ 11.782354] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.782375] ? __schedule+0x10cc/0x2b60 [ 11.782397] ? __pfx_read_tsc+0x10/0x10 [ 11.782418] ? ktime_get_ts64+0x86/0x230 [ 11.782441] kunit_try_run_case+0x1a5/0x480 [ 11.782465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.782486] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.782507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.782529] ? __kthread_parkme+0x82/0x180 [ 11.782548] ? preempt_count_sub+0x50/0x80 [ 11.782571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.782593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.782614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.782636] kthread+0x337/0x6f0 [ 11.782654] ? trace_preempt_on+0x20/0xc0 [ 11.782675] ? __pfx_kthread+0x10/0x10 [ 11.782695] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.782716] ? calculate_sigpending+0x7b/0xa0 [ 11.782739] ? __pfx_kthread+0x10/0x10 [ 11.782759] ret_from_fork+0x116/0x1d0 [ 11.782777] ? 
__pfx_kthread+0x10/0x10 [ 11.782796] ret_from_fork_asm+0x1a/0x30 [ 11.782825] </TASK> [ 11.782835] [ 11.796054] The buggy address belongs to the physical page: [ 11.796646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b74 [ 11.797114] flags: 0x200000000000000(node=0|zone=2) [ 11.797292] raw: 0200000000000000 ffffea00040ade08 ffff88815b039f80 0000000000000000 [ 11.798096] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.798802] page dumped because: kasan: bad access detected [ 11.799282] [ 11.799504] Memory state around the buggy address: [ 11.799824] ffff888102b73f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.800404] ffff888102b73f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.800769] >ffff888102b74000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.800993] ^ [ 11.801110] ffff888102b74080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.801325] ffff888102b74100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.802019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.755047] ================================================================== [ 11.755555] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.756717] Write of size 1 at addr ffff88810299e00a by task kunit_try_catch/163 [ 11.757811] [ 11.758123] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.758172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.758184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.758204] Call Trace: [ 11.758217] <TASK> [ 11.758231] dump_stack_lvl+0x73/0xb0 [ 11.758260] print_report+0xd1/0x610 [ 11.758281] ? __virt_addr_valid+0x1db/0x2d0 [ 11.758302] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.758322] ? kasan_addr_to_slab+0x11/0xa0 [ 11.758342] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.758505] kasan_report+0x141/0x180 [ 11.758527] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.758552] __asan_report_store1_noabort+0x1b/0x30 [ 11.758575] kmalloc_large_oob_right+0x2e9/0x330 [ 11.758596] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.758617] ? __schedule+0x10cc/0x2b60 [ 11.758638] ? __pfx_read_tsc+0x10/0x10 [ 11.758657] ? ktime_get_ts64+0x86/0x230 [ 11.758681] kunit_try_run_case+0x1a5/0x480 [ 11.758703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.758724] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.758746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.758768] ? __kthread_parkme+0x82/0x180 [ 11.758786] ? preempt_count_sub+0x50/0x80 [ 11.758808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.758830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.758851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.758873] kthread+0x337/0x6f0 [ 11.758891] ? trace_preempt_on+0x20/0xc0 [ 11.758927] ? __pfx_kthread+0x10/0x10 [ 11.758947] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.758966] ? calculate_sigpending+0x7b/0xa0 [ 11.758988] ? __pfx_kthread+0x10/0x10 [ 11.759008] ret_from_fork+0x116/0x1d0 [ 11.759026] ? 
__pfx_kthread+0x10/0x10 [ 11.759047] ret_from_fork_asm+0x1a/0x30 [ 11.759082] </TASK> [ 11.759095] [ 11.769275] The buggy address belongs to the physical page: [ 11.769702] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10299c [ 11.770094] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.770676] flags: 0x200000000000040(head|node=0|zone=2) [ 11.770984] page_type: f8(unknown) [ 11.771291] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.771814] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.772358] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.772690] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.773117] head: 0200000000000002 ffffea00040a6701 00000000ffffffff 00000000ffffffff [ 11.773543] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.774070] page dumped because: kasan: bad access detected [ 11.774345] [ 11.774459] Memory state around the buggy address: [ 11.774858] ffff88810299df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.775330] ffff88810299df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.775922] >ffff88810299e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.776235] ^ [ 11.776631] ffff88810299e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.777114] ffff88810299e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.777578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.718844] ================================================================== [ 11.719616] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.720631] Write of size 1 at addr ffff888102c79f00 by task kunit_try_catch/161 [ 11.721802] [ 11.722058] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 11.722103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.722114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.722133] Call Trace: [ 11.722145] <TASK> [ 11.722160] dump_stack_lvl+0x73/0xb0 [ 11.722191] print_report+0xd1/0x610 [ 11.722211] ? __virt_addr_valid+0x1db/0x2d0 [ 11.722234] ? kmalloc_big_oob_right+0x316/0x370 [ 11.722255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.722275] ? kmalloc_big_oob_right+0x316/0x370 [ 11.722296] kasan_report+0x141/0x180 [ 11.722316] ? kmalloc_big_oob_right+0x316/0x370 [ 11.722342] __asan_report_store1_noabort+0x1b/0x30 [ 11.722364] kmalloc_big_oob_right+0x316/0x370 [ 11.722385] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.722407] ? __schedule+0x10cc/0x2b60 [ 11.722428] ? __pfx_read_tsc+0x10/0x10 [ 11.722448] ? ktime_get_ts64+0x86/0x230 [ 11.722471] kunit_try_run_case+0x1a5/0x480 [ 11.722495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.722517] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.722538] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.722560] ? __kthread_parkme+0x82/0x180 [ 11.722580] ? preempt_count_sub+0x50/0x80 [ 11.722602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.722624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.722646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.722668] kthread+0x337/0x6f0 [ 11.722697] ? trace_preempt_on+0x20/0xc0 [ 11.722720] ? __pfx_kthread+0x10/0x10 [ 11.722740] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.722770] ? calculate_sigpending+0x7b/0xa0 [ 11.722834] ? __pfx_kthread+0x10/0x10 [ 11.722855] ret_from_fork+0x116/0x1d0 [ 11.722872] ? 
__pfx_kthread+0x10/0x10
[ 11.723066] ret_from_fork_asm+0x1a/0x30
[ 11.723100] </TASK>
[ 11.723111]
[ 11.736680] Allocated by task 161:
[ 11.737033] kasan_save_stack+0x45/0x70
[ 11.737489] kasan_save_track+0x18/0x40
[ 11.737904] kasan_save_alloc_info+0x3b/0x50
[ 11.738305] __kasan_kmalloc+0xb7/0xc0
[ 11.738705] __kmalloc_cache_noprof+0x189/0x420
[ 11.738954] kmalloc_big_oob_right+0xa9/0x370
[ 11.739465] kunit_try_run_case+0x1a5/0x480
[ 11.739759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.739944] kthread+0x337/0x6f0
[ 11.740064] ret_from_fork+0x116/0x1d0
[ 11.740195] ret_from_fork_asm+0x1a/0x30
[ 11.740333]
[ 11.740575] The buggy address belongs to the object at ffff888102c78000
[ 11.740575] which belongs to the cache kmalloc-8k of size 8192
[ 11.741768] The buggy address is located 0 bytes to the right of
[ 11.741768] allocated 7936-byte region [ffff888102c78000, ffff888102c79f00)
[ 11.742953]
[ 11.743144] The buggy address belongs to the physical page:
[ 11.743740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c78
[ 11.744293] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.744847] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.745338] page_type: f5(slab)
[ 11.745722] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 11.746181] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 11.746531] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 11.747327] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 11.748277] head: 0200000000000003 ffffea00040b1e01 00000000ffffffff 00000000ffffffff
[ 11.748727] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 11.749527] page dumped because: kasan: bad access detected
[ 11.749926]
[ 11.749999] Memory state around the buggy address:
[ 11.750401] ffff888102c79e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.750792] ffff888102c79e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.751017] >ffff888102c79f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.751232] ^
[ 11.751348] ffff888102c79f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.751712] ffff888102c7a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.752081] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.692043] ==================================================================
[ 11.692277] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.692532] Write of size 1 at addr ffff888102ad4278 by task kunit_try_catch/159
[ 11.693027]
[ 11.693122] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.693163] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.693174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.693193] Call Trace:
[ 11.693203] <TASK>
[ 11.693216] dump_stack_lvl+0x73/0xb0
[ 11.693242] print_report+0xd1/0x610
[ 11.693262] ? __virt_addr_valid+0x1db/0x2d0
[ 11.693283] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.693305] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.693326] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.693349] kasan_report+0x141/0x180
[ 11.693379] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.693407] __asan_report_store1_noabort+0x1b/0x30
[ 11.693429] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 11.693452] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.693476] ? __schedule+0x10cc/0x2b60
[ 11.693497] ? __pfx_read_tsc+0x10/0x10
[ 11.693517] ? ktime_get_ts64+0x86/0x230
[ 11.693540] kunit_try_run_case+0x1a5/0x480
[ 11.693563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.693583] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.693604] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.693626] ? __kthread_parkme+0x82/0x180
[ 11.693645] ? preempt_count_sub+0x50/0x80
[ 11.693666] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.693689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.693711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.693733] kthread+0x337/0x6f0
[ 11.693752] ? trace_preempt_on+0x20/0xc0
[ 11.693773] ? __pfx_kthread+0x10/0x10
[ 11.693792] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.693812] ? calculate_sigpending+0x7b/0xa0
[ 11.693834] ? __pfx_kthread+0x10/0x10
[ 11.693854] ret_from_fork+0x116/0x1d0
[ 11.693871] ? __pfx_kthread+0x10/0x10
[ 11.693919] ret_from_fork_asm+0x1a/0x30
[ 11.694406] </TASK>
[ 11.694415]
[ 11.705425] Allocated by task 159:
[ 11.705791] kasan_save_stack+0x45/0x70
[ 11.706087] kasan_save_track+0x18/0x40
[ 11.706291] kasan_save_alloc_info+0x3b/0x50
[ 11.706676] __kasan_kmalloc+0xb7/0xc0
[ 11.706838] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.707099] kmalloc_track_caller_oob_right+0x19a/0x520
[ 11.707324] kunit_try_run_case+0x1a5/0x480
[ 11.707782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.708041] kthread+0x337/0x6f0
[ 11.708312] ret_from_fork+0x116/0x1d0
[ 11.708466] ret_from_fork_asm+0x1a/0x30
[ 11.708727]
[ 11.708946] The buggy address belongs to the object at ffff888102ad4200
[ 11.708946] which belongs to the cache kmalloc-128 of size 128
[ 11.709434] The buggy address is located 0 bytes to the right of
[ 11.709434] allocated 120-byte region [ffff888102ad4200, ffff888102ad4278)
[ 11.710543]
[ 11.710654] The buggy address belongs to the physical page:
[ 11.710851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 11.711192] flags: 0x200000000000000(node=0|zone=2)
[ 11.711381] page_type: f5(slab)
[ 11.711607] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.711859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.712392] page dumped because: kasan: bad access detected
[ 11.712678]
[ 11.712806] Memory state around the buggy address:
[ 11.713001] ffff888102ad4100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.713294] ffff888102ad4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.713657] >ffff888102ad4200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.714027] ^
[ 11.714311] ffff888102ad4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.714647] ffff888102ad4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.715084] ==================================================================
[ 11.663378] ==================================================================
[ 11.664458] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.665149] Write of size 1 at addr ffff888102ad4178 by task kunit_try_catch/159
[ 11.665384]
[ 11.665478] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.665521] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.665532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.665552] Call Trace:
[ 11.665564] <TASK>
[ 11.665579] dump_stack_lvl+0x73/0xb0
[ 11.665607] print_report+0xd1/0x610
[ 11.665629] ? __virt_addr_valid+0x1db/0x2d0
[ 11.665650] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.665673] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.665693] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.665716] kasan_report+0x141/0x180
[ 11.665736] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.665764] __asan_report_store1_noabort+0x1b/0x30
[ 11.665786] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 11.665809] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.665833] ? __schedule+0x10cc/0x2b60
[ 11.665854] ? __pfx_read_tsc+0x10/0x10
[ 11.665874] ? ktime_get_ts64+0x86/0x230
[ 11.665897] kunit_try_run_case+0x1a5/0x480
[ 11.665930] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.665951] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.665972] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.665993] ? __kthread_parkme+0x82/0x180
[ 11.666011] ? preempt_count_sub+0x50/0x80
[ 11.666033] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.666055] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.666077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.666098] kthread+0x337/0x6f0
[ 11.666116] ? trace_preempt_on+0x20/0xc0
[ 11.666138] ? __pfx_kthread+0x10/0x10
[ 11.666157] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.666176] ? calculate_sigpending+0x7b/0xa0
[ 11.666199] ? __pfx_kthread+0x10/0x10
[ 11.666219] ret_from_fork+0x116/0x1d0
[ 11.666665] ? __pfx_kthread+0x10/0x10
[ 11.666688] ret_from_fork_asm+0x1a/0x30
[ 11.666718] </TASK>
[ 11.666728]
[ 11.677616] Allocated by task 159:
[ 11.677848] kasan_save_stack+0x45/0x70
[ 11.678245] kasan_save_track+0x18/0x40
[ 11.678653] kasan_save_alloc_info+0x3b/0x50
[ 11.678887] __kasan_kmalloc+0xb7/0xc0
[ 11.679307] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 11.679749] kmalloc_track_caller_oob_right+0x99/0x520
[ 11.680001] kunit_try_run_case+0x1a5/0x480
[ 11.680313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.680713] kthread+0x337/0x6f0
[ 11.681196] ret_from_fork+0x116/0x1d0
[ 11.681332] ret_from_fork_asm+0x1a/0x30
[ 11.681790]
[ 11.681985] The buggy address belongs to the object at ffff888102ad4100
[ 11.681985] which belongs to the cache kmalloc-128 of size 128
[ 11.682988] The buggy address is located 0 bytes to the right of
[ 11.682988] allocated 120-byte region [ffff888102ad4100, ffff888102ad4178)
[ 11.684145]
[ 11.684319] The buggy address belongs to the physical page:
[ 11.684703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad4
[ 11.685533] flags: 0x200000000000000(node=0|zone=2)
[ 11.685731] page_type: f5(slab)
[ 11.686104] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.686875] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.687842] page dumped because: kasan: bad access detected
[ 11.688019]
[ 11.688085] Memory state around the buggy address:
[ 11.688235] ffff888102ad4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.688459] ffff888102ad4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.688676] >ffff888102ad4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.689079] ^
[ 11.689523] ffff888102ad4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.690189] ffff888102ad4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.691211] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.631983] ==================================================================
[ 11.633615] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 11.634010] Read of size 1 at addr ffff888102877000 by task kunit_try_catch/157
[ 11.634355]
[ 11.634476] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 11.634519] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.634530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.634577] Call Trace:
[ 11.634588] <TASK>
[ 11.634605] dump_stack_lvl+0x73/0xb0
[ 11.634636] print_report+0xd1/0x610
[ 11.634669] ? __virt_addr_valid+0x1db/0x2d0
[ 11.634691] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.634713] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.634733] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.634755] kasan_report+0x141/0x180
[ 11.634776] ? kmalloc_node_oob_right+0x369/0x3c0
[ 11.634802] __asan_report_load1_noabort+0x18/0x20
[ 11.634825] kmalloc_node_oob_right+0x369/0x3c0
[ 11.634847] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.634926] ? __schedule+0x10cc/0x2b60
[ 11.634949] ? __pfx_read_tsc+0x10/0x10
[ 11.634969] ? ktime_get_ts64+0x86/0x230
[ 11.634992] kunit_try_run_case+0x1a5/0x480
[ 11.635016] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.635038] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.635064] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.635085] ? __kthread_parkme+0x82/0x180
[ 11.635105] ? preempt_count_sub+0x50/0x80
[ 11.635127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.635150] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.635171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.635193] kthread+0x337/0x6f0
[ 11.635211] ? trace_preempt_on+0x20/0xc0
[ 11.635233] ? __pfx_kthread+0x10/0x10
[ 11.635252] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.635272] ? calculate_sigpending+0x7b/0xa0
[ 11.635294] ? __pfx_kthread+0x10/0x10
[ 11.635314] ret_from_fork+0x116/0x1d0
[ 11.635331] ? __pfx_kthread+0x10/0x10
[ 11.635350] ret_from_fork_asm+0x1a/0x30
[ 11.635379] </TASK>
[ 11.635390]
[ 11.643050] Allocated by task 157:
[ 11.643223] kasan_save_stack+0x45/0x70
[ 11.643934] kasan_save_track+0x18/0x40
[ 11.644128] kasan_save_alloc_info+0x3b/0x50
[ 11.644328] __kasan_kmalloc+0xb7/0xc0
[ 11.644501] __kmalloc_cache_node_noprof+0x188/0x420
[ 11.644721] kmalloc_node_oob_right+0xab/0x3c0
[ 11.644932] kunit_try_run_case+0x1a5/0x480
[ 11.645125] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.645354] kthread+0x337/0x6f0
[ 11.645504] ret_from_fork+0x116/0x1d0
[ 11.645671] ret_from_fork_asm+0x1a/0x30
[ 11.645840]
[ 11.646143] The buggy address belongs to the object at ffff888102876000
[ 11.646143] which belongs to the cache kmalloc-4k of size 4096
[ 11.648689] The buggy address is located 0 bytes to the right of
[ 11.648689] allocated 4096-byte region [ffff888102876000, ffff888102877000)
[ 11.650017]
[ 11.650281] The buggy address belongs to the physical page:
[ 11.651027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102870
[ 11.651797] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.652137] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.652694] page_type: f5(slab)
[ 11.653042] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.653714] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.654067] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.654375] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.655146] head: 0200000000000003 ffffea00040a1c01 00000000ffffffff 00000000ffffffff
[ 11.655842] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 11.656372] page dumped because: kasan: bad access detected
[ 11.656977]
[ 11.657246] Memory state around the buggy address:
[ 11.657479] ffff888102876f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.658019] ffff888102876f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.658232] >ffff888102877000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.658436] ^
[ 11.658547] ffff888102877080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.658752] ffff888102877100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.658967] ==================================================================
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_gem_shmem_test_get_pages_sgtdrm-kunit-mock-device-drm-drm_warn_onrefcount_readshmem-pages_pin_count
------------[ cut here ]------------
[ 141.063829] drm-kunit-mock-device drm_gem_shmem_test_get_pages_sgt.drm-kunit-mock-device: [drm] drm_WARN_ON(refcount_read(&shmem->pages_pin_count))
[ 141.063926] WARNING: CPU: 1 PID: 2569 at drivers/gpu/drm/drm_gem_shmem_helper.c:180 drm_gem_shmem_free+0x3ed/0x6c0
[ 141.065634] Modules linked in:
[ 141.065880] CPU: 1 UID: 0 PID: 2569 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 141.066760] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.067196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.067847] RIP: 0010:drm_gem_shmem_free+0x3ed/0x6c0
[ 141.068094] Code: 85 f6 0f 84 ba 01 00 00 4c 89 e7 e8 ad 1d 80 00 48 c7 c1 20 8c fe 94 4c 89 f2 48 c7 c7 e0 88 fe 94 48 89 c6 e8 74 a7 77 fe 90 <0f> 0b 90 90 e9 09 ff ff ff 90 48 b8 00 00 00 00 00 fc ff df 48 8d
[ 141.069679] RSP: 0000:ffff88810a897d18 EFLAGS: 00010286
[ 141.069966] RAX: 0000000000000000 RBX: ffff88810991b000 RCX: 1ffffffff2ba4cf0
[ 141.070244] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 141.070835] RBP: ffff88810a897d48 R08: 0000000000000000 R09: fffffbfff2ba4cf0
[ 141.071404] R10: 0000000000000003 R11: 0000000000039918 R12: ffff888104295800
[ 141.071763] R13: ffff88810991b0f8 R14: ffff88810c50f580 R15: ffff88810039fb40
[ 141.072026] FS: 0000000000000000(0000) GS:ffff8881c4172000(0000) knlGS:0000000000000000
[ 141.072313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.072898] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 141.073537] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052443
[ 141.073936] DR3: ffffffff97052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.074578] Call Trace:
[ 141.074771] <TASK>
[ 141.074895] ? trace_preempt_on+0x20/0xc0
[ 141.075095] ? __pfx_drm_gem_shmem_free_wrapper+0x10/0x10
[ 141.075321] drm_gem_shmem_free_wrapper+0x12/0x20
[ 141.075927] __kunit_action_free+0x57/0x70
[ 141.076317] kunit_remove_resource+0x133/0x200
[ 141.076761] ? preempt_count_sub+0x50/0x80
[ 141.076982] kunit_cleanup+0x7a/0x120
[ 141.077164] kunit_try_run_case_cleanup+0xbd/0xf0
[ 141.077648] ? __pfx_kunit_try_run_case_cleanup+0x10/0x10
[ 141.078083] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.078555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.079039] kthread+0x337/0x6f0
[ 141.079395] ? trace_preempt_on+0x20/0xc0
[ 141.079619] ? __pfx_kthread+0x10/0x10
[ 141.079796] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.079985] ? calculate_sigpending+0x7b/0xa0
[ 141.080185] ? __pfx_kthread+0x10/0x10
[ 141.080380] ret_from_fork+0x116/0x1d0
[ 141.080552] ? __pfx_kthread+0x10/0x10
[ 141.080737] ret_from_fork_asm+0x1a/0x30
[ 141.080935] </TASK>
[ 141.081053] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 140.935742] WARNING: CPU: 1 PID: 2550 at drivers/gpu/drm/drm_framebuffer.c:869 drm_framebuffer_init+0x49/0x8d0
[ 140.936131] Modules linked in:
[ 140.936323] CPU: 1 UID: 0 PID: 2550 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.936950] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.937205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.937559] RIP: 0010:drm_framebuffer_init+0x49/0x8d0
[ 140.938042] Code: 89 e5 41 57 41 56 41 55 41 54 53 48 89 f3 48 83 ec 28 80 3c 11 00 48 89 7d c8 0f 85 1c 07 00 00 48 8b 75 c8 48 39 33 74 20 90 <0f> 0b 90 41 bf ea ff ff ff 48 83 c4 28 44 89 f8 5b 41 5c 41 5d 41
[ 140.939197] RSP: 0000:ffff88810a547b20 EFLAGS: 00010246
[ 140.939473] RAX: ffff88810a547ba8 RBX: ffff88810a547c28 RCX: 1ffff110214a8f8e
[ 140.939812] RDX: dffffc0000000000 RSI: ffff88810a642000 RDI: ffff88810a642000
[ 140.940042] RBP: ffff88810a547b70 R08: ffff88810a642000 R09: ffffffff94fd8f60
[ 140.940425] R10: 0000000000000003 R11: 00000000caa5eaa4 R12: 1ffff110214a8f71
[ 140.940743] R13: ffff88810a547c70 R14: ffff88810a547db8 R15: 0000000000000000
[ 140.941072] FS: 0000000000000000(0000) GS:ffff8881c4172000(0000) knlGS:0000000000000000
[ 140.941347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.941716] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 140.942055] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052443
[ 140.942560] DR3: ffffffff97052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.942884] Call Trace:
[ 140.943010] <TASK>
[ 140.943132] ? trace_preempt_on+0x20/0xc0
[ 140.943365] ? add_dr+0xc1/0x1d0
[ 140.943574] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 140.944092] ? add_dr+0x148/0x1d0
[ 140.944301] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 140.944754] ? __drmm_add_action+0x1a4/0x280
[ 140.944986] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.945283] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.945615] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.945867] ? __schedule+0x10cc/0x2b60
[ 140.946026] ? __pfx_read_tsc+0x10/0x10
[ 140.946254] ? ktime_get_ts64+0x86/0x230
[ 140.946566] kunit_try_run_case+0x1a5/0x480
[ 140.946794] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.947031] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.947271] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.947507] ? __kthread_parkme+0x82/0x180
[ 140.947721] ? preempt_count_sub+0x50/0x80
[ 140.947876] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.948280] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.948883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.949126] kthread+0x337/0x6f0
[ 140.949253] ? trace_preempt_on+0x20/0xc0
[ 140.949708] ? __pfx_kthread+0x10/0x10
[ 140.949945] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.950184] ? calculate_sigpending+0x7b/0xa0
[ 140.950526] ? __pfx_kthread+0x10/0x10
[ 140.950732] ret_from_fork+0x116/0x1d0
[ 140.950958] ? __pfx_kthread+0x10/0x10
[ 140.951159] ret_from_fork_asm+0x1a/0x30
[ 140.951417] </TASK>
[ 140.951542] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 140.903455] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 140.903689] WARNING: CPU: 1 PID: 2546 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 140.904570] Modules linked in:
[ 140.904979] CPU: 1 UID: 0 PID: 2546 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 140.905510] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.905992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.906559] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 140.906878] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 2b 44 87 00 48 c7 c1 00 3a fd 94 4c 89 fa 48 c7 c7 60 3a fd 94 48 89 c6 e8 f2 cd 7e fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 140.908179] RSP: 0000:ffff88810a6a7b68 EFLAGS: 00010282
[ 140.908525] RAX: 0000000000000000 RBX: ffff88810a6a7c40 RCX: 1ffffffff2ba4cf0
[ 140.908833] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.909120] RBP: ffff88810a6a7b90 R08: 0000000000000000 R09: fffffbfff2ba4cf0
[ 140.909511] R10: 0000000000000003 R11: 0000000000037f30 R12: ffff88810a6a7c18
[ 140.909846] R13: ffff888109e2e800 R14: ffff88810a640000 R15: ffff88810c1ffd00
[ 140.910177] FS: 0000000000000000(0000) GS:ffff8881c4172000(0000) knlGS:0000000000000000
[ 140.910679] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.911090] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 140.911529] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052443
[ 140.912024] DR3: ffffffff97052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.912479] Call Trace:
[ 140.912603] <TASK>
[ 140.912762] drm_test_framebuffer_free+0x1ab/0x610
[ 140.913011] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 140.913192] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.913573] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.913825] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.914122] ? __schedule+0x10cc/0x2b60
[ 140.914376] ? __pfx_read_tsc+0x10/0x10
[ 140.914743] ? ktime_get_ts64+0x86/0x230
[ 140.915093] kunit_try_run_case+0x1a5/0x480
[ 140.915285] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.915621] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.915782] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.916213] ? __kthread_parkme+0x82/0x180
[ 140.916573] ? preempt_count_sub+0x50/0x80
[ 140.916985] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.917190] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.917717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.917955] kthread+0x337/0x6f0
[ 140.918132] ? trace_preempt_on+0x20/0xc0
[ 140.918315] ? __pfx_kthread+0x10/0x10
[ 140.918684] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.919065] ? calculate_sigpending+0x7b/0xa0
[ 140.919435] ? __pfx_kthread+0x10/0x10
[ 140.919608] ret_from_fork+0x116/0x1d0
[ 140.919805] ? __pfx_kthread+0x10/0x10
[ 140.920015] ret_from_fork_asm+0x1a/0x30
[ 140.920462] </TASK>
[ 140.920572] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 139.661710] WARNING: CPU: 0 PID: 1984 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 139.662651] Modules linked in:
[ 139.662876] CPU: 0 UID: 0 PID: 1984 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.663260] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.663439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.663716] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 139.663958] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 35 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 139.664696] RSP: 0000:ffff88810d437c90 EFLAGS: 00010246
[ 139.665027] RAX: dffffc0000000000 RBX: ffff88810d22e000 RCX: 0000000000000000
[ 139.665928] RDX: 1ffff11021a45c32 RSI: ffffffff92207898 RDI: ffff88810d22e190
[ 139.666215] RBP: ffff88810d437ca0 R08: 1ffff11020073f69 R09: ffffed1021a86f65
[ 139.666572] R10: 0000000000000003 R11: ffffffff91785988 R12: 0000000000000000
[ 139.667124] R13: ffff88810d437d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 139.667534] FS: 0000000000000000(0000) GS:ffff8881c4072000(0000) knlGS:0000000000000000
[ 139.668059] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.668699] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 139.668917] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052442
[ 139.669121] DR3: ffffffff97052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.669323] Call Trace:
[ 139.669725] <TASK>
[ 139.669949] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 139.670716] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 139.671529] ? __schedule+0x10cc/0x2b60
[ 139.672082] ? __pfx_read_tsc+0x10/0x10
[ 139.672554] ? ktime_get_ts64+0x86/0x230
[ 139.673045] kunit_try_run_case+0x1a5/0x480
[ 139.673275] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.673794] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.674145] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.674314] ? __kthread_parkme+0x82/0x180
[ 139.674946] ? preempt_count_sub+0x50/0x80
[ 139.675336] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.675717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.675903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.676097] kthread+0x337/0x6f0
[ 139.676222] ? trace_preempt_on+0x20/0xc0
[ 139.676385] ? __pfx_kthread+0x10/0x10
[ 139.676520] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.676836] ? calculate_sigpending+0x7b/0xa0
[ 139.677065] ? __pfx_kthread+0x10/0x10
[ 139.677259] ret_from_fork+0x116/0x1d0
[ 139.677490] ? __pfx_kthread+0x10/0x10
[ 139.677687] ret_from_fork_asm+0x1a/0x30
[ 139.677874] </TASK>
[ 139.677986] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.587333] WARNING: CPU: 1 PID: 1976 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 139.588018] Modules linked in:
[ 139.588215] CPU: 1 UID: 0 PID: 1976 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 139.589332] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.589665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.590030] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 139.590286] Code: 49 8d 7c 24 60 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 60 00 75 1b 5b 41 5c 5d e9 c2 35 26 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 68
[ 139.591313] RSP: 0000:ffff88810d1d7c90 EFLAGS: 00010246
[ 139.591768] RAX: dffffc0000000000 RBX: ffff88810cf2e000 RCX: 0000000000000000
[ 139.592040] RDX: 1ffff110219e5c32 RSI: ffffffff92207898 RDI: ffff88810cf2e190
[ 139.592321] RBP: ffff88810d1d7ca0 R08: 1ffff11020073f69 R09: ffffed1021a3af65
[ 139.593003] R10: 0000000000000003 R11: ffffffff90c049da R12: 0000000000000000
[ 139.593597] R13: ffff88810d1d7d38 R14: ffff88810039fc50 R15: ffff88810039fc58
[ 139.593888] FS: 0000000000000000(0000) GS:ffff8881c4172000(0000) knlGS:0000000000000000
[ 139.594177] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.594909] CR2: 00007ffff7ffe000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 139.595214] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052443
[ 139.595795] DR3: ffffffff97052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.596235] Call Trace:
[ 139.596428] <TASK>
[ 139.596560] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 139.596883] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 139.597197] ? __schedule+0x10cc/0x2b60
[ 139.597765] ? __pfx_read_tsc+0x10/0x10
[ 139.598200] ? ktime_get_ts64+0x86/0x230
[ 139.598611] kunit_try_run_case+0x1a5/0x480
[ 139.599010] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.599500] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 139.599936] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.600173] ? __kthread_parkme+0x82/0x180
[ 139.600607] ? preempt_count_sub+0x50/0x80
[ 139.600869] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.601233] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.601818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.602109] kthread+0x337/0x6f0
[ 139.602274] ? trace_preempt_on+0x20/0xc0
[ 139.602852] ? __pfx_kthread+0x10/0x10
[ 139.603107] ? _raw_spin_unlock_irq+0x47/0x80
[ 139.603764] ? calculate_sigpending+0x7b/0xa0
[ 139.604066] ? __pfx_kthread+0x10/0x10
[ 139.604266] ret_from_fork+0x116/0x1d0
[ 139.604726] ? __pfx_kthread+0x10/0x10
[ 139.604912] ret_from_fork_asm+0x1a/0x30
[ 139.605109] </TASK>
[ 139.605227] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 108.942139] WARNING: CPU: 0 PID: 674 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 108.942778] Modules linked in:
[ 108.943090] CPU: 0 UID: 0 PID: 674 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.943899] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 108.944233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.945007] RIP: 0010:intlog10+0x2a/0x40
[ 108.945209] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 108.946292] RSP: 0000:ffff88810b45fcb0 EFLAGS: 00010246
[ 108.946626] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff1102168bfb4
[ 108.947015] RDX: 1ffffffff29d2dec RSI: 1ffff1102168bfb3 RDI: 0000000000000000
[ 108.947264] RBP: ffff88810b45fd60 R08: 0000000000000000 R09: ffffed10201e1060
[ 108.947576] R10: ffff888100f08307 R11: 0000000000000000 R12: 1ffff1102168bf97
[ 108.947895] R13: ffffffff94e96f60 R14: 0000000000000000 R15: ffff88810b45fd38
[ 108.948189] FS: 0000000000000000(0000) GS:ffff8881c4072000(0000) knlGS:0000000000000000
[ 108.948516] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.948968] CR2: dffffc0000000000 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 108.949563] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052442
[ 108.950220] DR3: ffffffff97052443 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.951006] Call Trace:
[ 108.951272] <TASK>
[ 108.951571] ? intlog10_test+0xf2/0x220
[ 108.952048] ? __pfx_intlog10_test+0x10/0x10
[ 108.952586] ? __schedule+0x10cc/0x2b60
[ 108.952856] ? __pfx_read_tsc+0x10/0x10
[ 108.953105] ? ktime_get_ts64+0x86/0x230
[ 108.953254] kunit_try_run_case+0x1a5/0x480
[ 108.953600] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.954097] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.954657] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.955153] ? __kthread_parkme+0x82/0x180
[ 108.955584] ? preempt_count_sub+0x50/0x80
[ 108.955865] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.956030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.956207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.956682] kthread+0x337/0x6f0
[ 108.956987] ? trace_preempt_on+0x20/0xc0
[ 108.957372] ? __pfx_kthread+0x10/0x10
[ 108.957873] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.958500] ? calculate_sigpending+0x7b/0xa0
[ 108.958944] ? __pfx_kthread+0x10/0x10
[ 108.959276] ret_from_fork+0x116/0x1d0
[ 108.959503] ? __pfx_kthread+0x10/0x10
[ 108.959898] ret_from_fork_asm+0x1a/0x30
[ 108.960276] </TASK>
[ 108.960473] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 108.899028] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 108.899459] Modules linked in:
[ 108.899819] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 108.900310] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 108.900893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 108.901954] RIP: 0010:intlog2+0xdf/0x110
[ 108.902166] Code: e9 94 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 b9 86 02 90 <0f> 0b 90 31 c0 e9 c7 b9 86 02 89 45 e4 e8 5f c7 55 ff 8b 45 e4 eb
[ 108.903536] RSP: 0000:ffff88810b54fcb0 EFLAGS: 00010246
[ 108.904292] RAX: 0000000000000000 RBX: ffff88810039fae8 RCX: 1ffff110216a9fb4
[ 108.904790] RDX: 1ffffffff29d2e40 RSI: 1ffff110216a9fb3 RDI: 0000000000000000
[ 108.905433] RBP: ffff88810b54fd60 R08: 0000000000000000 R09: ffffed10201e3920
[ 108.905887] R10: ffff888100f1c907 R11: 0000000000000000 R12: 1ffff110216a9f97
[ 108.906464] R13: ffffffff94e97200 R14: 0000000000000000 R15: ffff88810b54fd38
[ 108.907035] FS: 0000000000000000(0000) GS:ffff8881c4172000(0000) knlGS:0000000000000000
[ 108.907284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.907890] CR2: ffff88815a90afe0 CR3: 0000000050abc000 CR4: 00000000000006f0
[ 108.908672] DR0: ffffffff97052440 DR1: ffffffff97052441 DR2: ffffffff97052443
[ 108.909324] DR3: ffffffff97052445 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 108.910246] Call Trace:
[ 108.910550] <TASK>
[ 108.910670] ? intlog2_test+0xf2/0x220
[ 108.910830] ? __pfx_intlog2_test+0x10/0x10
[ 108.910989] ? __schedule+0x10cc/0x2b60
[ 108.911134] ? __pfx_read_tsc+0x10/0x10
[ 108.911274] ? ktime_get_ts64+0x86/0x230
[ 108.911762] kunit_try_run_case+0x1a5/0x480
[ 108.912182] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.912792] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 108.913285] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 108.913900] ? __kthread_parkme+0x82/0x180
[ 108.914425] ? preempt_count_sub+0x50/0x80
[ 108.914911] ? __pfx_kunit_try_run_case+0x10/0x10
[ 108.915411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 108.916041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 108.916834] kthread+0x337/0x6f0
[ 108.917285] ? trace_preempt_on+0x20/0xc0
[ 108.917908] ? __pfx_kthread+0x10/0x10
[ 108.918395] ? _raw_spin_unlock_irq+0x47/0x80
[ 108.918902] ? calculate_sigpending+0x7b/0xa0
[ 108.919070] ? __pfx_kthread+0x10/0x10
[ 108.919210] ret_from_fork+0x116/0x1d0
[ 108.919387] ? __pfx_kthread+0x10/0x10
[ 108.920135] ret_from_fork_asm+0x1a/0x30
[ 108.920753] </TASK>
[ 108.921148] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 108.323731] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI